Skip to content

uaa/33

You can find the source of this version on GitHub at cloudfoundry/uaa-release. It was created based on the commit 7ddaaef6.

Release Notes

This is a security release addressing the following issues - CVE-2017-4974: Blind SQL Injection with privileged UAA endpoints (high severity)

Usage

You can reference this release in your deployment manifest from the releases section:

- name: "uaa"
  version: "33"
  url: "https://bosh.io/d/github.com/cloudfoundry/uaa-release?v=33"
  sha1: "ea2f5a788800af37c72ee9adf454e4019414070b"

Or upload it to your director with the upload-release command:

bosh upload-release --sha1 ea2f5a788800af37c72ee9adf454e4019414070b \
  "https://bosh.io/d/github.com/cloudfoundry/uaa-release?v=33"

Jobs

Packages