release: github.com/cloudfoundry/uaa-release / 24

Github source: 827e0ba7 or master branch

Updated to UAA Release 3.9.3

Important

This release has a known issue that login.saml.serviceProviderKeyPassword need to be set to “” explicitly if the login.saml.serviceProviderKey is not passphrase protected. This will be addressed in the next release.

login.saml.serviceProviderKeyPassword:
description: "Password to protect the service provider private key."

Please use this security release to patch the following CVEs

Other Security Updates

Restrict to TLS v1.2 with the following ciphers: - TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

Upload this release version to the Director:

$ bosh upload-release https://bosh.io/d/github.com/cloudfoundry/uaa-release?v=24 --sha1 d0feb5494153217f3d62b346f426ad2b2f43511a

Modify deployment manifest to use this release in addition to any other used releases:

releases:
- name: uaa
  version: "24"

Finally add needed deployment jobs and specify values for required properties.

Optionally download sha1: d0feb5494153217f3d62b346f426ad2b2f43511a release tarball locally:

# ...or download it directly using curl
$ curl -L -J -O https://bosh.io/d/github.com/cloudfoundry/uaa-release?v=24

# or with wget...
$ wget --content-disposition https://bosh.io/d/github.com/cloudfoundry/uaa-release?v=24