Oh the perils of software updates. Ever read an article in a newspaper or magazine that talked about how some huge number of computers, supposedly managed by perfessionals, don't get some security patch for a very long time (in the authors opinion -- though if these machines get breached then that opinion is absolutely correct!)? Well, the reason is the theory of unintended consequences.
When that new version of the software comes out, it has not been in widespread deployment yet. So little (or big) bugs may have crept in and not been noticed. So the name of the game is let someone else be the fool and take the arrows. That is, until there is a compelling reason to force the issue. We generally take this stance with upgrades, though not with security updates. It is too expensive for us to take that risk on the security side.
Well in this case it was an upgrade. Actually a couple upgrades and one not too important security update. About once a month, barring any major security issues, I update some third party components. We use an IP to geographic location database that gets updated every month, sometime around the first. So about half way through the month, I get the update (sometimes it was updated twice that month...) and install it. Any access library gets updated at the same time. I send out the update in the morning and then wait until lunch to do the next thing on the list, assuming nothing went wrong.
So when I did this last week, and all went well, I looked for ohter things to update. There had been lots of updates to ZPS in the last few months, going from 3.6.0 to 4.0.0 and more recently to 4.0.1. One web server was upgraded to ZPS 4.0.0 to test when its OS was updated. So it seemed safe to update all web servers to 4.0.1, a bug fix release from the one we had no problems with.
Since that went well, I updated the kernels on all the web servers too. It was a security update that did not affect us, but it is a good idea to keep on top of these things anyhow. Restarted the web servers and had not problems. Those didn't come until later...
N54/Steven Roussey/
My Weblog