Skip to content

cf/255

You can find the source of this version on GitHub at cloudfoundry/cf-release. It was created based on the commit e9fde070.

Release Notes

Contents - Notices - Job Spec Changes - CVEs - Compatible Releases and Stemcells - Subcomponent Updates

Notices

  • MySQL UAA databases that were operating prior to UAA version 1.5.2 (released in early 2014) may be incompatible with migrations in this release, causing failures during the UAA job update. A manual fix for affected deployments can be found here.
  • The included version of Loggregator restricts ciphers to use only the following 4 ciphers. This is a breaking change for some operators and a configurable property for opting into more cipher suites was introduced in Loggregator 85 TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

Job Spec Changes

  • Diego’s cc_uploader job has new required properties. Read here for details.

Security Notices

Affecting v255

  • CVE-2017-4970 in Staticfile buildpack versions v1.4.0 – v1.4.3 (high severity)

Known Issues

  • Users that belong to any space containing a user provided service instance are unable to view any specific service plan: /v2/service_plans/:guid. Users are still able to view the marketplace and provision service instances.

Subcomponent Updates

Compatible Releases and Stemcells

Usage

You can reference this release in your deployment manifest from the releases section:

- name: "cf"
  version: "255"
  url: "https://bosh.io/d/github.com/cloudfoundry/cf-release?v=255"
  sha1: "d6a12c6c581265f920b74bb89dbf2f8f0b64225a"

Or upload it to your director with the upload-release command:

bosh upload-release --sha1 d6a12c6c581265f920b74bb89dbf2f8f0b64225a \
  https://bosh.io/d/github.com/cloudfoundry/cf-release?v=255

Jobs

Packages