Skip to content

uaa/13.1

You can find the source of this version on GitHub at cloudfoundry/uaa-release. It was created based on the commit dd41a9a2.

Release Notes

Updated to UAA Release 3.6.1

Please use this security release to patch the following CVEs on top UAA Release 3.6.0 - CVE-2016-6651 Privilege Escalation in UAA - CVE-2016-6636 UAA Open Redirect Vulnerability for Subdomains - CVE-2016-6637 UAA CSRF Vulnerability for OAuth Approvals - CVE-2016-5016 UAA Accepts Expired Certificates

Usage

You can reference this release in your deployment manifest from the releases section:

- name: "uaa"
  version: "13.1"
  url: "https://bosh.io/d/github.com/cloudfoundry/uaa-release?v=13.1"
  sha1: "ae293cb9fcb73f6ed4c682dc5b7d975df03c385d"

Or upload it to your director with the upload-release command:

bosh upload-release --sha1 ae293cb9fcb73f6ed4c682dc5b7d975df03c385d \
  "https://bosh.io/d/github.com/cloudfoundry/uaa-release?v=13.1"

Jobs

Packages