Skip to content
This repository was archived by the owner on Jan 21, 2022. It is now read-only.

Releases: cloudfoundry-attic/cf-release

v227

11 Jan 22:11
v227
baa3942
Compare
Choose a tag to compare
v227 Pre-release
Pre-release

The cf-release v227 was released on January 06, 2016.

Important:

  • The Python buildpack included in this release includes a regression whereby it fails to work in offline environments (disconnected from the Internet). Specifically, it fails to stage applications. A fix for the buildpack has already been released and administrators can use the cf update-buildpack command in their Cloud Foundry installations if they do not wish to wait for the next version of cf-release which will include the buildpack update. Due to this reason, we are marking this release as a pre-release, although there are no other known issues and it should be otherwise safe to use.
  • This v227 release changes how cf-release consumes the UAA. Rather than having a uaa job defined in cf-release, cf-release now consumes the official uaa-release, and just uses the job provided there. The uaa-release extraction allows the UAA to be used standalone, within BOSH, within Cloud Foundry, etc. And by cf-release consuming it this way, we avoid diverging job specifications. This introduces significant changes to the uaa job spec, but these should be largely immaterial to operators deploying Cloud Foundry using the provided manifest templates.
    The details for all the spec changes can be located here.

Contents:

CC and Service Broker APIs

CC API Version: 2.46.0

Service Broker API Version: 2.8

Cloud Controller

  • [Experimental] Work continues on /v3 and Application Process Types details
  • [Experimental] Work continues on Private Brokers details
  • Fix some field duplication in the api doc details
  • Added script that tells you which cf-release a cloud controller commit is on details
  • cloudfoundry/cloud_controller_ng #475: Use login.protocol instead of uaa.no_ssl details
    • New default property in cc specs.
    • Added in this commit
    • Removed property from cc specs in this commit
    • If nothing is specified in manifest stubs, the protocol will default to https.
  • cloudfoundry/cloud_controller_ng #473: Don't allow null environment variable groups details
  • Return 202 instead of 201 on buildpack cache delete details
  • Return better errors on /v2/resource_match for invalid input details
  • Remove erroneous params from several list endponts on apidocs details
  • cloudfoundry/cloud_controller_ng #476: Remove 'builders' Test Suite From Rake Task. details
  • cloudfoundry/cloud_controller_ng #477: Add Filter To User-Provided Service Instances API. details
  • cloudfoundry/cloud_controller_ng #469: Empty request body documented on update of space quota details
  • removed experimental service migration endpoint details
  • Bump delayed_job_sequel to use merged-in 4.1.0 upstream to attempt to prevent system hangs when delayed job queue is full of failed jobs details
    • Jobs have a default priority of zero, so we first deprioritize it to 1. If it's been deprioritized in the past, we double its priority.
  • cloudfoundry/cloud_controller_ng #462: Droplet packaging fails after push on asp.net apps details
    • Bumped mime-types gem to Version 2.6.2
  • Remove unnecessary guid field from create route endpoint details
  • Update cloud controller to Ruby 2.2.4 details
  • Update Nokogiri to 1.6.7.1 details

Runtime

DEA

No changes.

Warden

No changes.

HM9000

No changes.

Buildpacks and Stacks

stacks

updated to 1.24.0 (from 1.20.0)

1.24.0

This release contains only non-critical updates to the rootfs. See the receipt changes at this commit for more information.

1.23.0

Notably, this release addresses [USN-2837-1] "Bind vulnerability" and [USN-2835-1] "Git vulnerability" which address:

  • CVE-2015-8000 "Responses with a malformed class attribute can trigger an assertion failure in db.c"
  • CVE-2015-7545 "arbitrary code execution issues via URLs"

1.22.0

Notably, this release addresses USN-2834-1 "libxml2 vulnerabilities" which address:

  • CVE-2015-5312 "It is one case where the code in place to detect entities expansions failed to exit when the situation was detected, leading to DoS"
  • CVE-2015-7497 "heap buffer overflow in xmlDictComputeFastQKey"
  • CVE-2015-7499 "Add xmlHaltParser() to stop the parser The problem is doing it in a consistent and safe fashion It's more complex than just setting ctxt->instate = XML_PARSER_EOF Update the public function to reuse that new internal routine. Detect incoherency on GROW, the current pointer to the input has to be between the base and end if not stop everything we have an internal state error."
  • CVE-2015-7500 "memory access error due to incorrect entities boundaries"
  • CVE-2015-8241 "Buffer overread with XML parser in xmlNextChar"
  • CVE-2015-8242 "Buffer overread with HTML parser in push mode in xmlSAX2TextNode"
  • CVE-2015-8317 "out of bounds read issues in the xmlParseXMLDecl function"

1.21.0

Notably, this release addresses USN-2830-1 "OpenSSL vulnerabilities" which address:

go-buildpack

updated to v1.7.1 (from v1.7.0)

v1.7.1

Packaged binaries:

name version cf_stacks
go 1.4.1 cflinuxfs2
go 1.4.2 cflinuxfs2
go 1.4.3 cflinuxfs2
go 1.5.1 cflinuxfs2
go 1.5.2 cflinuxfs2
godep v39 cflinuxfs2
  • SHA256: 117b106343846618cbeeac9cd68cac7283604f9e7b0fbe81d5ad7da3a816f7c1

nodejs-buildpack

updated to v1.5.4 (from v1.5.3)

###...

Read more
Loading

v226

08 Jan 22:06
v226
5de34b6
Compare
Choose a tag to compare
v226

The cf-release v226 was released on December 03, 2015.

Important:

  • This release includes a bump of PostgreSQL from 9.4.2 to 9.4.5. It also drops support for migrating databases running PostgreSQL 9.0.3 or lower. This means that you will not be able to upgrade directly from a version less than or equal to v210 to a version greater than or equal to v226 if you are using the postgres job within cf-release.

Contents:

CC and Service Broker APIs

CC API Version: 2.44.0

Service Broker API Version: 2.8

  • Brokers may now include a requires: [“route_forwarding”] on their catalog endpoint.
  • On bind, the Cloud Controller will now send a new top-level key, bind_resource, under which the required parameters of the binding are found. This would include, for example, app_guid for an app binding and route for a route binding. For backwards compatibility, app_guid will remain a top-level key in addition to being included in the bind_resource.
  • Adds support for a route_service_url key in the binding response.

Cloud Controller

  • [Experimental] Work continues on /v3 and Application Process Types details
  • [Experimental] Work continues on Private Brokers details
  • [Experimental] Work continues on TCP Routing details
  • Service Usage Events now expire after manifest configurable number of days details
    • cc.service_usage_events.cutoff_age_in_days defaults to 31 days.
    • More info about using usage events can be found here
  • Remove experimental flag on space quota app instance limit details , apidoc
    • cf CLI support has not yet been added, but api implementation is complete
  • cloudfoundry/cloud_controller_ng #428: extraneous log stmts details
    • Removed some logs that were duplicative and merged route info into other log lines
  • cloudfoundry/cloud_controller_ng #458: Too many params on Delete Application details
  • Increased character limit on tags for service instances to 2048 details
  • cloudfoundry/cloud_controller_ng #459: User provided service instances should handle errors when renaming details

Runtime

DEA

No changes.

Warden

No changes.

HM9000

No changes.

Buildpacks and Stacks

stacks

updated to 1.20.0 (from 1.17.0)

1.20.0

Notably, this release addresses USN-2821-1 "GnuTLS vulnerability" and USN-2820-1 "dpkg vulnerability", which address:

1.19.0

Notably, this release addresses USN-2815-1, "libpng vulnerabilities", which is related to:

  • CVE-2012-3425 "The png_push_read_zTXt function in pngpread.c in libpng 1.0.x before 1.0.58, 1.2.x before 1.2.48, 1.4.x before 1.4.10, and 1.5.x before 1.5.10 allows remote attackers to cause a denial of service (out-of-bounds read) via a large avail_in field value in a PNG image."
  • CVE-2015-7981 "read out of bound"
  • CVE-2015-8126 "Multiple buffer overflows in the (1) png_set_PLTE and (2) png_get_PLTE functions in libpng before 1.0.64, 1.1.x and 1.2.x before 1.2.54, 1.3.x and 1.4.x before 1.4.17, 1.5.x before 1.5.24, and 1.6.x before 1.6.19 allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a small bit-depth value in an IHDR (aka image header) chunk in a PNG image."

1.18.0

Notably, this release addresses USN-2812-1, "libxml2 vulnerabilities", which is related to:

  • CVE-2015-1819 "The xmlreader in libxml allows remote attackers to cause a denial of service (memory consumption) via crafted XML data, related to an XML Entity Expansion (XEE) attack."
  • CVE-2015-7941 "out-of-bounds memory access"
  • CVE-2015-7942 "heap-buffer-overflow in xmlParseConditionalSections"
  • CVE-2015-8035 "DoS via crafted xz file"

as well as USN-2810-1, "Kerberos vulnerabilities", which is related to:

  • CVE-2002-2443 "schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged packet that triggers a communication loop, as demonstrated by krb_pingpong.nasl, a related issue to CVE-1999-0103."
  • CVE-2014-5355 "MIT Kerberos 5 (aka krb5) through 1.13.1 incorrectly expects that a krb5_read_message data field is represented as a string ending with a '\0' character, which allows remote attackers to (1) cause a denial of service (NULL pointer dereference) via a zero-byte version string or (2) cause a denial of service (out-of-bounds read) by omitting the '\0' character, related to appl/user_user/server.c and lib/krb5/krb/recvauth.c."
  • CVE-2015-2694 "The kdcpreauth modules in MIT Kerberos 5 (aka krb5) 1.12.x and 1.13.x before 1.13.2 do not properly track whether a client's request has been validated, which allows remote attackers to bypass an intended preauthentication requirement by providing (1) zero bytes of data or (2) an arbitrary realm name, related to plugins/preauth/otp/main.c and plugins/preauth/pkinit/pkinit_srv.c."
  • CVE-2015-2695 "lib/gssapi/spnego/spnego_mech.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted SPNEGO packet that is mishandled during a gss_inquire_context call."
  • CVE-2015-2696 "lib/gssapi/krb5/iakerb.c in MIT Kerberos 5 (aka krb5) before 1.14 relies on an inappropriate context handle, which allows remote attackers to cause a denial of service (incorrect pointer read and process crash) via a crafted IAKERB packet that is mishandled during a gss_inquire_context call."
  • CVE-2015-2697 "The build_principal_va function in lib/krb5/krb/bld_princ.c in MIT Kerberos 5 (aka krb5) before 1.14 allows remote authenticated users to cause a denial of service (out-of-bounds read and KDC crash) via an initial '\0' character in a long realm field within a TGS request."
  • CVE-2015-2698 "memory corruption caused due to original patch for CVE-2015-2696"

go-buildpack

updated to v1.7.0 (from v1.6.3)

v1.7.0

Packaged binaries:

name version cf_stacks
go 1.4.1 cflinuxfs2
go 1.4.2 cflinuxfs2
go 1.4.3 cflinuxfs2
go 1.5 cflinuxfs2
go 1.5.1 cflinuxfs2
godep v17 cflinuxfs2
  • SHA256: ffa187787f322cb8fe0e71a2749abec18c45c829e1058a0c1da39619ae8...
Read more
Loading

v225

18 Nov 08:17
v225
545c1f9
Compare
Choose a tag to compare
v225

The cf-release v225 was released on November 16, 2015.

Contents:

CC and Service Broker APIs

CC API Version: 2.43.0

Service Broker API Version: 2.7

Cloud Controller

  • [Experimental] Work continues on /v3 and Application Process Types details
  • [Experimental] Work continues on Private Brokers details
  • [Experimental] Work continues on TCP Routing details
  • HM9000 HTTP client now uses default SSL cert store details
  • Fixed bug introduced in cf-release v223 where CC did not immediately stop Diego apps details

Runtime

DEA

  • Enable staging and running bandwidth configuration. details

Warden

  • Add IFB interface to limit container egress (host ingress) bandwidth. details

HM9000

No changes.

Buildpacks and Stacks

stacks

updated to 1.17.0 (from 1.15.0)

1.17.0

Notably, this release addresses USN-2788-2, "unzip vulnerabilities", which is related to:

  • CVE-2015-7696 "Heap buffer overflow when extracting password-protected archive"
  • CVE-2015-7697 "Infinite loop when extracting password-protected archive"

1.16.0

This release contains only non-critical updates to the rootfs. See the receipt changes at this commit for more information.

This release notably adds a set of commonly-used locales. See https://github.com/cloudfoundry/stacks/blob/master/cflinuxfs2/build/generate-all-locales.sh for details of what's supported.

nodejs-buildpack

updated to v1.5.2 (from v1.5.1)

v1.5.2

Packaged binaries:

name version cf_stacks
node 0.10.38 cflinuxfs2
node 0.10.40 cflinuxfs2
node 0.11.15 cflinuxfs2
node 0.11.16 cflinuxfs2
node 0.12.6 cflinuxfs2
node 0.12.7 cflinuxfs2
node 4.2.2 cflinuxfs2
  • SHA256: 2a8ac3edddd59d03ebb1664f20a8bad9aecab839ab88d7800a82c364dd47f7e6

Identity

No Changes

Routing

Work continues on support for TCP Routing

  • CC API client can now request a random port when creating a TCP route using query parameter ?generate_port=true details
  • CC API client can now retrieve TCP routes for a specified port using query parameter ?q=port:1024 details

Loggregator

  • No changes since 224

Internal Components

No changes to any internal components.

Job Spec Changes

  • Added dea_next.staging_bandwidth_limit.rate, dea_next.staging_bandwidth_limit.burst, dea_next.instance_bandwidth_limit.rate, and dea_next.instance_bandwidth_limit.burst properties to dea_next job. details

Recommended BOSH Release and Stemcell Versions

  • BOSH Release Version: bosh/223
  • BOSH Stemcell Version(s): bosh-aws-xen-hvm-ubuntu-trusty-go_agent/3104

These are soft recommendations; several different versions of the BOSH release and stemcell are likely to work fine with this version of cf-release.

Recommended Diego Version

This is a soft recommendation; several different versions of the diego-release may work fine with this version of cf-release.

Recommended Garden Linux Version

This is a soft recommendation; several different versions of the garden-linux release may work fine with this version of cf-release and the aforementioned version of diego-release.

Recommended ETCD Version for Diego Deployment

  • Etcd final release 18

This is a soft recommendation; several different versions of the etcd release may work fine with this version of cf-release and the aforementioned version of diego-release.

Loading

v224

11 Nov 23:33
v224
55e40e2
Compare
Choose a tag to compare
v224

The cf-release v224 was released on November 10, 2015.

Important:

  • The previous version v223 was marked as a pre-release due to a memory leak introduced in the doppler job. This issue has been fixed in this release.

Contents:

CC and Service Broker APIs

CC API Version: 2.42.0

Service Broker API Version: 2.7

Cloud Controller

  • No changes since cf-release v223

Runtime

No changes to any components.

Buildpacks and Stacks

nodejs-buildpack

updated to v1.5.1 (from v1.5.0)

v1.5.1

Packaged binaries:

name version cf_stacks
node 0.10.38 cflinuxfs2
node 0.10.40 cflinuxfs2
node 0.11.15 cflinuxfs2
node 0.11.16 cflinuxfs2
node 0.12.6 cflinuxfs2
node 0.12.7 cflinuxfs2
node 4.2.2 cflinuxfs2
  • SHA256: 82f1310e90626a4c451274c25d8cac8679862bc21a6d2157c9c617283bc7c315

php-buildpack

updated to v4.2.1 (from v4.2.0)

v4.2.1

Packaged binaries:

name version cf_stacks modules
php 5.5.29 cflinuxfs2 amqp, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xhprof, xsl, yaf, zip, zlib
php 5.5.30 cflinuxfs2 amqp, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xhprof, xsl, yaf, zip, zlib
php 5.6.14 cflinuxfs2 amqp, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xhprof, xsl, yaf, zip, zlib
php 5.6.15 cflinuxfs2 amqp, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xhprof, xsl, yaf, zip, zlib
hhvm 3.5.0 cflinuxfs2
hhvm 3.5.1 cflinuxfs2
hhvm 3.6.0 cflinuxfs2
hhvm 3.6.1 cflinuxfs2
composer 1.0.0-alpha10 cflinuxfs2
httpd 2.4.17 cflinuxfs2
newrelic 4.23.3.111 cflinuxfs2
nginx 1.6.3 cflinuxfs2
nginx 1.8.0 cflinuxfs2
nginx 1.9.6 cflinuxfs2
  • SHA256: 0d889a3137daee9e8972bdbb4fc01f3a58d644c93e1cbff8f180251ae7bcc1ff

ruby-buildpack

updated to v1.6.8 (from v1.6.7)

v1.6.8

Packaged binaries:

name version cf_stacks
ruby 2.0.0 cflinuxfs2
ruby 2.1.6 cflinuxfs2
ruby 2.1.7 cflinuxfs2
ruby 2.2.2 cflinuxfs2
ruby 2.2.3 cflinuxfs2
jruby ruby-1.9.3-jruby-1.7.22 cflinuxfs2
jruby ruby-2.0.0-jruby-1.7.22 cflinuxfs2
jruby ruby-2.2.2-jruby-9.0.3.0 cflinuxfs2
node 0.12.7 cflinuxfs2
bundler 1.9.7 cflinuxfs2
libyaml 0.1.6 cflinuxfs2
openjdk1.8-latest 1.8.0_65 cflinuxfs2
rails3_serve_static_assets - cflinuxfs2
rails_log_stdout - cflinuxfs2
  • SHA256: 5a246651a99101409ec9eb8b2094836595e6da639d0e3828b86faae8bc47a0e6

Identity

No changes to any components.

Routing

  • Acceptance test suite now includes optional coverage for route services feature details

Loggregator

  • Doppler memory leak present in 223 fixed. (Timers allocated and not freed)
  • First elements of the feature work on Metron->Doppler TCP is implemented. However this feature is not yet finished and should not be used.

Internal Components

No changes to any components.

Job Spec Changes

  • Renamed doppler.tls_listener.port, doppler.tls_listener.cert, and doppler.tls_listener.key properties in doppler job to doppler.tls_server.port, doppler.tls_server.cert, and doppler.tls_server.key, respectively. details
  • Added loggregator.tls.ca property to doppler job. details
  • Removed legacy metron_agent.incoming_port property from metron_agent job. details
  • Added metron_agent.preferred_protocol property to metron_agent job. details
  • Added metron_agent.tls_client.cert, metron_agent.tls_client.key, and loggregator.tls.ca properties to metron_agent job. details

Recommended BOSH Release and Stemcell Versions

  • BOSH Release Version: bosh/219
  • BOSH Stemcell Version(s): bosh-aws-xen-hvm-ubuntu-trusty-go_agent/3104

These are soft recommendations; several different versions of the BOSH release and stemcell are likely to work fine with this version of cf-release.

Recommended Diego Version

This is a soft recommendation; several different versions of the diego-release may work fine with this version of cf-release.

Recommended Garden Linux Version

This is a soft recommendation; several different versions of the garden-linux release may work fine with this version of cf-release and the aforementioned version of diego-release.

Recommended ETCD Version for Diego Deployment

  • Etcd final release 18

This is a soft recommendation; several different versions of the etcd release may work fine with this version of cf-release and the aforementioned version of diego-release.

Loading

v223

04 Nov 23:18
v223
ebd045f
Compare
Choose a tag to compare
v223 Pre-release
Pre-release

The cf-release v223 was released on November 04, 2015.

Important:

  • On November 09, 2015, we identified the source of a memory leak in the doppler job that was introduced in this release. We are marking this as a pre-release, and do not recommend its usage. However, whenever skipping versions of cf-release in your deployments, one should study the release notes for all intermediate releases, including pre-releases, as the changes described in any set of release notes only describe the changes from the previous version, regardless of whether that previous version was an official release or pre-release. The memory leak should be fixed in v224.
  • The previous release introduced a default value for the login.self_service_links_enabled property that had minor backwards incompatible implications. The default value has now been removed.

Contents:

CC and Service Broker APIs

CC API Version: 2.42.0

Service Broker API Version: 2.7

Cloud Controller

  • [Experimental] Work continues on /v3 and Application Process Types details
  • [Experimental] Work continues on Private Brokers details
  • [Experimental] Work continues on Route Services details
  • Changed the key for buildpack_cache stored in the blobstore to allow for more consistent deletion details
    • This change in key will orphan some buildpack_cache blobs. It's recommended to purge the buildpack_cache in order to reclaim this space on the blobstore api
  • Attempt to deadlock less on create/delete of service instances details
  • Fixed issue that allowed an Org Auditor to share a private domain to another org that user had Org Manager privileges on details
  • Fixed issue that blocked deletion of an app that had diego enabled when diego components are down details
  • Now return an array of instances in the "DOWN" state from /stats end point for apps when staging on Diego to be more consistent with behavior for apps staging on DEAs details
  • Truncated all data related to experimental v3 apps details
    • This will orphan blobs associated with any v3 apps you have pushed.
    • This will remove all v3 apps from cloud controller's knowledge
  • cloudfoundry/cloud_controller_ng #453: Return 204 on successful delete of associations details
    • This affects many end points and is documented in the tracker story. They were previously incorrectly returning 201 responses.

Runtime

DEA

  • Bump vcap_common gem to v4.0.3 to use 1.2.3.4 as destination for detecting local IP. details
  • Switch to dropsonde protocol. details

Warden

  • Use 1.2.3.4 as destination for detecting local IP. details

HM9000

No changes.

Buildpacks and Stacks

Buildpacks and Stacks

stacks

updated to 1.15.0 (from 1.11.0)

1.15.0

Notably, this release addresses USN-2788-1 "unzip vulnerabilities", which is related to:

  • CVE-2015-7696 "Heap buffer overflow when extracting password-protected archive"
  • CVE-2015-7697 "Infinite loop when extracting password-protected archive"

1.14.0

Notably, this release addresses USN-2787-1, "audiofile vulnerability", which is related to:

  • CVE-2015-7747 "made to crash or run programs as your login if it opened a specially crafted file"

1.13.0

This release contains only non-critical updates to the rootfs. See the receipt changes at this commit for more information.

1.12.0

This release contains only non-critical updates to the rootfs. See the receipt changes at this commit for more information.

go-buildpack

updated to v1.6.3 (from v1.6.2)

v1.6.3

Packaged binaries:

name version cf_stacks
go 1.2.1 cflinuxfs2
go 1.2.2 cflinuxfs2
go 1.3.2 cflinuxfs2
go 1.3.3 cflinuxfs2
go 1.4.1 cflinuxfs2
go 1.4.2 cflinuxfs2
go 1.4.3 cflinuxfs2
go 1.5 cflinuxfs2
go 1.5.1 cflinuxfs2
godep v14 cflinuxfs2
  • SHA256: cdf380c423b0ba8f66ba0f24d85120a6279a05b37319aa7de10fafec5f487d27

java-buildpack

updated to v3.3.1 (from v3.3)

v3.3.1

This release contains a new debug framework and ensures that the dependencies contained in the offline buildpack are up to date.

For a more detailed look at the changes in 3.3.1, please take a look at the commit log. Packaged versions of the buildpack, suitable for use with create-buildpack and update-buildpack, can be found attached to this release.

Packaged Dependencies:

Dependency Version
AppDynamics Agent 4.1.5_3
GemFire 8.0.0
GemFire Modules 8.0.0.1
GemFire Modules Tomcat7 8.0.0.1
GemFire Security 8.0.0
Groovy 2.4.5
JRebel 6.2.6
MariaDB JDBC 1.2.3
Memory Calculator (mountainlion) 2.0.0.RELEASE
Memory Calculator (precise) 2.0.0.RELEASE
Memory Calculator (trusty) 2.0.0.RELEASE
New Relic Agent 3.21.0
OpenJDK JRE (mountainlion) 1.8.0_65
OpenJDK JRE (precise) 1.8.0_65
OpenJDK JRE (trusty) 1.8.0_65
Play Framework JPA Plugin 1.10.0.RELEASE
PostgreSQL JDBC 9.4.1204
RedisStore 1.2.0_RELEASE
SLF4J API 1.5.8
SLF4J JDK14 1.5.8
Spring Auto-reconfiguration 1.10.0_RELEASE
Spring Boot CLI 1.2.7_RELEASE
Tomcat Access Logging Support 2.4.0_RELEASE
Tomcat Lifecycle Support 2.4.0_RELEASE
Tomcat Logging Support 2.4.0_RELEASE
Tomcat 8.0.28

php-buildpack

updated to v4.2.0 (from v4.1.5)

v4.2.0

Packaged binaries:

name version cf_stacks modules
php 5.5.29 cflinuxfs2 amqp, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xhprof, xsl, yaf, zip, zlib
php 5.5.30 cflinuxfs2 amqp, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xhprof, xsl, yaf, zip, zlib
php 5.6.13 cflinuxfs2 amqp, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, x...
Read more
Loading

v222

22 Oct 00:12
v222
e4eb9f4
Compare
Choose a tag to compare
v222

The cf-release v222 was released on October 19, 2015.

Important:

  • With this release, the default behavior is to hide the Create Account & Reset Password links on the UAA Login Page. Please set the login.self_service_links_enabled property to true (either on the uaa jobs or in the global properties section) in your deployment manifest to make these links visible. This will soon be corrected in an upcoming release to default to true, so it will not be necessary to specify in your manifests. Because the impact of this change is not critical, and easy to fix, this release is not being marked as a pre-release. details
  • If you are using the "spiff" templates for manifest generation located in the templates directory of the cf-release repo, they are no longer overriding the defaults in for the DEAs' overcommit factors. If you were depending on the overrides in the templates, you should not be specifying overrides in your stubs. details

Contents:

CC and Service Broker APIs

CC API Version: 2.41.0

Service Broker API Version: 2.7

Cloud Controller

  • [Experimental] Work continues on /v3 and Application Process Types details
  • [Experimental] Work continues on Private Brokers details
  • [Experimental] Work continues on Route Services details
  • cloudfoundry/cloud_controller_ng #444: app.rb: has_stop_event_for_latest_run? definition removed, but one use remains details

Runtime

DEA

No changes.

Warden

HM9000

No changes.

Buildpacks and Stacks

stacks

updated to 1.11.0 (from 1.9.0)

1.11.0

Notably, this release addresses USN-2767-1, "GDK-PixBuf vulnerabilities", which is related to:

  • CVE-2015-7673 "Heap overflow and DoS with a tga file in gdk-pixbuf < 2.32.1"
  • CVE-2015-7674 "Heap overflow with a gif file in gdk-pixbuf < 2.32.1"

1.10.0

This release contains only non-critical updates to the rootfs. See the receipt changes at this commit for more information.

Identity

Known Issues

  • Self Service Links disabled on Login Page

With this release, the default behavior is to hide the Create Account & Reset Password links on the UAA Login Page. Please set _self_service_links_enabled_ to _true_ under login section of the cf manifest to make these links visible

Pull Requests
Merged pull request to clean up UAA spec & templates and remove references to unused properties details

Routing

  • Routing API request body is now flat for TCP resources details

Work continues on adding support for Route Services to CC API (epic)

  • User-provided service instances can now be created with a route_service_url, bound to a route, and unbound from a route
  • End-to-end acceptance tests added for the route services feature

Work continues on support for TCP routes in CF (epic)

  • TCP Routes are deleted when removed with an updateLRP call to Diego

Loggregator

Internal Components

consul

No changes.

etcd

No changes.

etcd-metrics-server

No changes.

route_registrar

No changes.

Job Spec Changes

  • Remove unused login.links.home, login.links.network, and login.links.signup-network properties from uaa job. details
  • Remove Pivotal-specific default value for login.links.passwd property in uaa job. details
  • Add login.self_service_links_enabled property to uaa job. details

Recommended BOSH Release and Stemcell Versions

  • BOSH Release Version: bosh/201
  • BOSH Stemcell Version(s): bosh-aws-xen-hvm-ubuntu-trusty-go_agent/3104

These are soft recommendations; several different versions of the BOSH release and stemcell are likely to work fine with this version of cf-release.

Recommended Diego Version

This is a soft recommendation; several different versions of the diego-release may work fine with this version of cf-release.

Recommended Garden Linux Version

This is a soft recommendation; several different versions of the garden-linux release may work fine with this version of cf-release and the aforementioned version of diego-release.

Recommended ETCD Version for Diego Deployment

  • Etcd final release 16

This is a soft recommendation; several different versions of the etcd release may work fine with this version of cf-release and the aforementioned version of diego-release.

Loading

v221

16 Oct 22:18
v221
ce5a011
Compare
Choose a tag to compare
v221

The cf-release v221 was released on October 14, 2015.

Important:

  • As we extract components from cf-release to be independently testable and consumable, we've extracted etcd-release. It is now being used in cf-release, diego-release, and several other releases. More information, including links to view etcd-release's robust CI pipelines can be seen in the GitHub repo. One significant change in this release is that client-server communication and server-server peer communication now uses SSL by default. However, components in cf-release don't yet support communicating with the etcd servers in SSL mode, so you must set the etcd.require_peer_ssl and etcd.require_ssl properties explicitly to false on your etcd jobs. Additionally, Diego components do support SSL communication with etcd, so if you have multiple etcd clusters within the same deployment (one for cf-release components and another for diego-release components), you should not set these properties globally; only disable SSL on the etcd cluster used for cf-release components.

Contents:

CC and Service Broker APIs

CC API Version: 2.40.0

Service Broker API Version: 2.7

Cloud Controller

  • [Experimental] Work continues on /v3 and Application Process Types details
  • [Experimental] Work continues on Private Brokers details
  • [Experimental] Work continues on Route Services details
  • Changed the directory key for app's buildpack_cache to allow for more consistent deletion details
    • The full path for the buildpack cache of an app with guid abcd-efgh on stack cflinuxfs2 would end up looking like buildpack_cache/ab/cd/abcd-efgh/cflinuxfs2
    • changing this key will orphan some buildpack cache blobs. To clean this up, an admin can call the buildpack_cache delete end point
    • Users re-pushing apps may experience a slightly longer staging time on the first push after upgrading to this release or after deleting the entire buildpack_cache.
  • Use the dropsonde protocol for emitting metrics details
  • Fixed issue where admins could not tail logs for apps in spaces they were not a member of details
  • cloudfoundry/cloud_controller_ng #446: Buildpacks are requested details
    • Exposes an internal endpoint for getting URLs for all the buildpacks and removed the buildpack NATs message
  • Updated HTTPClient gem details
  • Updated to loggregator_emitter 5.0.1 details

Runtime

DEA

  • DEA hits CC HTTP endpoint on startup to fetch buildpack URIs, rather than gleaning them from response to dea.advertise NATS message. details

Warden

No changes.

HM9000

No changes.

Buildpacks and Stacks

java-buildpack

updated to v3.3 (from v3.2)

v3.3

  • When processing Java Options the $ and \ characters are no longer escaped to allow environment properties to be used. (see the documentation)
  • Improved Luna Security Provider HA Support
  • Improved configuration of the DynaTrace agent. (via Tom Collings)
  • Better AppDynamics code comments. (via Nikhil Katre)
  • Better documentation of the Oracle JRE support. (via Dominik Bartholdi)

For a more detailed look at the changes in 3.3, please take a look at the commit log.

Packaged Dependencies:

Dependency Version
AppDynamics Agent 4.1.4_2
GemFire 8.0.0
GemFire Modules 8.0.0.1
GemFire Modules Tomcat7 8.0.0.1
GemFire Security 8.0.0
Groovy 2.4.5
JRebel 6.2.5
MariaDB JDBC 1.2.2
Memory Calculator (mountainlion) 2.0.0.RELEASE
Memory Calculator (precise) 2.0.0.RELEASE
Memory Calculator (trusty) 2.0.0.RELEASE
New Relic Agent 3.21.0
OpenJDK JRE (mountainlion) 1.8.0_60
OpenJDK JRE (precise) 1.8.0_60
OpenJDK JRE (trusty) 1.8.0_60
Play Framework JPA Plugin 1.10.0.RELEASE
PostgreSQL JDBC 9.4.1203
RedisStore 1.2.0_RELEASE
SLF4J API 1.5.8
SLF4J JDK14 1.5.8
Spring Auto-reconfiguration 1.10.0_RELEASE
Spring Boot CLI 1.2.6_RELEASE
Tomcat Access Logging Support 2.4.0_RELEASE
Tomcat Lifecycle Support 2.4.0_RELEASE
Tomcat Logging Support 2.4.0_RELEASE
Tomcat 8.0.27

php-buildpack

updated to v4.1.5 (from v4.1.4)

v4.1.5

Packaged binaries:

name version cf_stacks modules
php 5.4.44 cflinuxfs2 amqp, apc, apcu, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xhprof, xsl, yaf, zip, zlib, zookeeper
php 5.4.45 cflinuxfs2 amqp, apc, apcu, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xhprof, xsl, yaf, zip, zlib, zookeeper
php 5.5.29 cflinuxfs2 amqp, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xhprof, xsl, yaf, zip, zlib
php 5.5.30 cflinuxfs2 amqp, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xhprof, xsl, yaf, zip, zlib
php 5.6.13 cflinuxfs2 amqp, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xsl, yaf, zip, zlib
php 5.6.14 cflinuxfs2 amqp, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xhprof, xsl, yaf, zip, zlib
hhvm 3.5.0 cflinuxfs2
hhvm 3.5.1 cflinuxfs2
hhvm 3.6.0 cflinuxfs2
hhvm 3.6.1 cflinuxfs2
composer 1.0.0-alpha10 cflinuxfs2
httpd 2.4.16 cflinuxfs2
newrelic 4.23.3.111 cflinuxfs2
nginx 1.6.3 cflinuxfs2
nginx 1.8.0 cflinuxfs2
nginx 1.9.5 cflinuxfs2

Identity

  • Bumped UAA to version 2.7.0.3 [details]...
Read more
Loading

v220

14 Oct 22:16
v220
6793254
Compare
Choose a tag to compare
v220

The cf-release v220 was released on October 08, 2015.

Important:

  • These release notes reflect the changes since v219, even though v219 was marked as a "pre-release". The issue with v219 was minor, but if you skipped from v218 straight to v220, you should study release notes for both v219 and v220.
  • All route registration for UAA, Cloud Controller, Loggregator, and HM9000 is now being done by colocating the route_registrar job. These components no longer advertise routes in their own source code. See job configuration examples for UAA, Cloud Controller, Loggregator, and HM900.
  • UAA now uses statsd to emit metrics to a colocated Metron Agent, which then forwards them on to Doppler and eventually out any Firehose you have configured and deployed. This is in service of deprecating the Collector and all /varz endpoints. You should collocate statsd-injector alongside uaa: example.

Contents:

CC and Service Broker APIs

CC API Version: 2.39.0

Service Broker API Version: 2.7

Cloud Controller

  • [Experimental] Work continues on /v3 and Application Process Types details
  • [Experimental] Work continues on Private Brokers details
  • [Experimental] Work continues on Route Services details
  • cloudfoundry/cloud_controller_ng #442: Introducing idempotency to service instance deletion details
  • Improve api doc for file permissions on app bits upload endpoint details apidoc
  • modify migration to support newer mysql versions details
  • Removed route registration from CC job. This is now handled by the route_registrar job in cf-release details
    • See release notes for v218 for details on the route_registrar job

Runtime

DEA

  • Close warden connections when destroyed. details
  • Close connections when staging is completed. details

Warden

No changes.

HM9000

No changes.

Buildpacks and Stacks

No changes from v219.

Identity

  • Bumped UAA to version 2.7.0.2 details

Routing

  • Work continues on support for TCP routes in CF with
    • updates to CLI to expose router groups (epic)
    • updates to routes and shared domains in CC API (epic)
  • Thanks to a PR from CAFxX, Gorouter logging performance has been optimized, log output is now consistent for missing fields, and superfluous zeros are no longer printed for request duration (story)

Loggregator

Internal Components

No changes.

Job Spec Changes

  • Added uaa.clients.cc_routing.secret property to cloud_controller_ng job. details
  • Removed etcd.machines property from dea_logging_agent job. details
  • Added loggregator.etcd.machines property to syslog_drain_binder, doppler, metron_agent, and loggregator_trafficcontroller jobs. details
  • Changed route_registrar.routes property in route_registrar job to accept tags to include with its route registrations. details

Recommended BOSH Release and Stemcell Versions

  • BOSH Release Version: 201
  • BOSH Stemcell Version(s): 3026

These are soft recommendations; several different versions of the BOSH release and stemcell are likely to work fine with this version of cf-release.

Recommended Diego Version

This is a soft recommendation; several different versions of the diego-release may work fine with this version of cf-release.

Recommended Garden Linux Version

This is a soft recommendation; several different versions of the garden-linux release may work fine with this version of cf-release and the aforementioned version of diego-release.

Loading

v219

09 Oct 00:15
v219
11a0754
Compare
Choose a tag to compare
v219 Pre-release
Pre-release

The cf-release v219 was released on October 02, 2015.

Important:

  • The bump in v219 to etcd-metrics-server turned out to not play nicely with collector, and caused collector to periodically crash. If your system is dependent on collector for metrics, this will affect your deployment. However, if you are not concerned with metrics from the etcd component, you can opt to not include etcd-metrics-server as part of your deployment. In standard deployments, it is colocated with the etcd_zN jobs; you can simply remove the template from the list of colocated jobs.
  • The uaa job has a property called router.servers which is meant to be an array of the IPs of the routers, and the haproxy job has two properties called router.servers.z1 and router.servers.z2. Specifying these properties in the global properties map in your deployment manifest will be troublesome; it is advised to specify these properties at the job level. The usual "spiff" manifest generation templates provided in the cf-release repository will do this out of the box for you.

Contents:

CC and Service Broker APIs

CC API Version: 2.37.0

Service Broker API Version: 2.6

NOTE: upgrading to this release includes a truncate of the events table

Cloud Controller

  • [Experimental] Work continues on /v3 and Application Process Types details
  • [Experimental] Work continues on Private Brokers details
  • [Experimental] Work continues on Route Services details
  • [Experimental] As an operator or Org Manager, I expect to be able to CRUD app instance limits in a space quota details
  • Added api docs for new feature flags introduced in cf-release 218 to control if roles can be managed by username by org managers/space managers details
  • Remove experimental labels on Org/Space user management by username details
  • Updated description and removed experimental flag for purge parameter on service instance delete details
  • Remove experimental flag for accepts_incomplete and last_operation.* on service_instances endpoints details
    • Will be bumping the service broker api to v2.7 in the next cf-release
  • Add app_ssh_oauth_client to /v2/info details
  • Add routing_endpoint to /v2/info details
  • cloudfoundry/cloud_controller_ng #438: Upgrade to Ruby 2.2.3 for Cloud Controller details
  • cloudfoundry/cloud_controller_ng #416: Service binding validation should assert syslog_drain_url is empty details
  • cloudfoundry/cloud_controller_ng #431: 430 use U.S. spelling of 'rspec', drop --profile details
  • cloudfoundry/cloud_controller_ng #418: Added new events table index on timestamp and id. details
  • add index to actee_type on events table and truncate events table details
  • Ensure file mode is considered for package blobs details
  • Fixed issue where purge-service-offering failed if there's a service instance that's marked as "in progress" details
  • Fixed bug where Space auditor could not view routes with private domains details

Runtime

No changes.

Buildpacks and Stacks

stacks

updated to 1.9.0 (from 1.8.0)

1.9.0

Notably, this release addresses USN-2740-1, "ICU vulnerabilities", which is related to:

go-buildpack

updated to v1.6.2 (from v1.6.0)

v1.6.2

Packaged binaries:

name version cf_stacks
go 1.2.1 cflinuxfs2
go 1.2.2 cflinuxfs2
go 1.3.2 cflinuxfs2
go 1.3.3 cflinuxfs2
go 1.4.2 cflinuxfs2
go 1.4.3 cflinuxfs2
go 1.5 cflinuxfs2
go 1.5.1 cflinuxfs2

v1.6.1

php-buildpack

updated to v4.1.4 (from v4.1.2)

v4.1.4

Packaged binaries:

name version cf_stacks modules
php 5.4.44 cflinuxfs2 amqp, apc, apcu, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xhprof, xsl, yaf, zip, zlib, zookeeper
php 5.4.45 cflinuxfs2 amqp, apc, apcu, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xhprof, xsl, yaf, zip, zlib, zookeeper
php 5.5.28 cflinuxfs2 amqp, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xhprof, xsl, yaf, zip, zlib
php 5.5.29 cflinuxfs2 amqp, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xhprof, xsl, yaf, zip, zlib
php 5.6.12 cflinuxfs2 amqp, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xsl, yaf, zip, zlib
php 5.6.13 cflinuxfs2 amqp, bz2, curl, dba, exif, fileinfo, ftp, gd, gettext, gmp, igbinary, imagick, imap, intl, ioncube, ldap, lua, mailparse, mbstring, mcrypt, memcache, memcached, mongo, msgpack, mysql, mysqli, opcache, openssl, pcntl, pdo, pdo_mysql, pdo_pgsql, pdo_sqlite, pgsql, phalcon, phpiredis, protobuf, protocolbuffers, pspell, readline, redis, snmp, soap, sockets, suhosin, sundown, twig, xcache, xdebug, xsl, yaf, zip, zlib
hhvm 3.5.0 cflinuxfs2
hhvm 3.5.1 cflinux...
Read more
Loading

v218

28 Sep 20:00
v218
5fd76c7
Compare
Choose a tag to compare
v218

The cf-release v218 was released on September 22, 2015.

Important:

  • In v217, we extracted a route_registrar job. When deploying this release, it should be colocated with cloud_controller_ng, uaa, hm9000, and loggregator_trafficcontroller jobs. In this release, it is required to colocate them with uaa and hm9000 as they no longer register their own routes. In subsequent releases it will be required for cloud_controller_ng and loggregator_trafficcontroller as well. There is no harm in colocating it in all the places now as it is safe to duplicate the route registration. The spec fixture manifests provide examples of how to colocate and configure the route_registrar job, for example here is how it is colocated with the uaa in zone 1: [configuration] [colocation].

Contents:

CC and Service Broker APIs

CC API Version: 2.36.0

Service Broker API Version: 2.6

Cloud Controller

  • [Experimental] Work continues on /v3 and Application Process Types details
  • [Experimental] Work continues on Private Brokers details
  • [Experimental] Work continues on Route Services details
  • cloudfoundry/cloud_controller_ng #409: Pending apps filtered from Health Manager instances count details
  • modified newrelic config to specify hostname correctly details
  • Fixed cc USR1 trap to allow dumping thread information from a running cc process details
  • Added new admin only endpoint to purge a single service instance, its service bindings and service keys details apidoc
    • Use with caution. This endpoint removes all knowledge of the service instance from cloud controller.
    • Experimental flag will be removed in the next cf-release
  • Updated fog gem to 1.34
  • cloudfoundry/cloud_controller_ng #417: Broken cc.runner logger fixed details
  • cloudfoundry/cloud_controller_ng #421: Select from a larger pool of stagers if needed details
    • cc.placement_top_stager_percentage is the new manifest configuration, defaults to 10. Cloud controller will now select either the best 5 stagers or X% of available stagers, whichever is greater to select from for placement, where X is the value specified in this config.
  • Added new endpoints to allow Org and Space managers to add users by username details
    • Associate Auditor with the Organization by Username apidoc
    • Associate Billing Manager with the Organization by Username apidoc
    • Associate Manager with the Organization by Username apidoc
    • Associate User with the Organization by Username apidoc
    • Associate Auditor with the Space by Username apidoc
    • Associate Developer with the Space by Username apidoc
    • Associate Manager with the Space by Username apidoc
  • Added feature flags to control whether management of roles by username is allowed
    • set_roles_by_username
    • unset_roles_by_username
    • When enabled, Org Managers or Space Managers can add access roles by username. In order for this feature to be enabled the CF operator must: 1) Enable the /ids/users/ endpoint for UAA 2) Create a UAA cloud_controller_username_lookup client with the scim.userids authority
  • cloudfoundry/cloud_controller_ng #423: Enable nginx log format and destination config details
    • cc.nginx_access_log_format
    • cc.nginx_error_log_destination

Runtime

DEA

No functional changes.

Warden

No functional changes.

HM9000

  • HM9k no longer registers its own route. details

Buildpacks and Stacks

stacks

updated to 1.8.0 (from 1.7.0)

1.8.0

Notably, this release addresses USN-2739-1, "FreeType vulnerabilities".

java-buildpack

updated to v3.2 (from v3.1.1)

v3.2

This release focuses on more options to configure JRE memory settings.

  • Memory calculator 2.0.0 which includes support for specifying initial memory values and expected thread values.
  • Support for Luna HSM service to provide entropy.
  • Improved Dynatrace documentation. (via Josef Hoerandtner)
  • Allow any additional New Relic configuration to be passed through to the agent. (via Bryan Custer)
  • Support for Spring Insight updated to version 2.0.0.

For a more detailed look at the changes in 3.2, please take a look at the commit log. Packaged versions of the buildpack, suitable for use with create-buildpack and update-buildpack, can be found attached to this release.

Packaged Dependencies

Dependency Version
AppDynamics Agent 4.1.3_1
GemFire 8.0.0
GemFire Modules 8.0.0.1
GemFire Modules Tomcat7 8.0.0.1
GemFire Security 8.0.0
Groovy 2.4.4
JRebel 6.2.3
MariaDB JDBC 1.2.0
Memory Calculator (mountainlion) 2.0.0.RELEASE
Memory Calculator (precise) 2.0.0.RELEASE
Memory Calculator (trusty) 2.0.0.RELEASE
New Relic Agent 3.20.0
OpenJDK JRE (mountainlion) 1.8.0_60
OpenJDK JRE (precise) 1.8.0_60
OpenJDK JRE (trusty) 1.8.0_60
Play Framework JPA Plugin 1.10.0.RELEASE
PostgreSQL JDBC 9.4.1202
RedisStore 1.2.0_RELEASE
SLF4J API 1.5.8
SLF4J JDK14 1.5.8
Spring Auto-reconfiguration 1.10.0_RELEASE
Spring Boot CLI 1.2.5_RELEASE
Tomcat Access Logging Support 2.4.0_RELEASE
Tomcat Lifecycle Support 2.4.0_RELEASE
Tomcat Logging Support 2.4.0_RELEASE
Tomcat 8.0.26

php-buildpack

updated to v4.1.2 (from v4.0.0)

v4.1.2

Note that 4.1.0 and 4.1.1 were not released.

Read more
Loading