SHNotes
This is a security release addressing the following issues - CVE-2017-4991: UAA password reset vulnerability (high severity)
Usage
Upload this release version to the Director:
$ bosh upload-release https://bosh.io/d/github.com/cloudfoundry/uaa-release?v=30.2 --sha1 14f34a93e21c2723ccde11bff5b693a465cb72df
Modify deployment manifest to use this release in addition to any other used releases:
releases: - name: uaa version: "30.2"
Finally add needed deployment jobs and specify values for required properties.
Download
Optionally download sha1: 14f34a93e21c2723ccde11bff5b693a465cb72df release tarball locally:
# ...or download it directly using curl $ curl -L -J -O https://bosh.io/d/github.com/cloudfoundry/uaa-release?v=30.2 # or with wget... $ wget --content-disposition https://bosh.io/d/github.com/cloudfoundry/uaa-release?v=30.2