Skip to content

uaa/13.12

You can find the source of this version on GitHub at cloudfoundry/uaa-release. It was created based on the commit fa63d6d9.

Release Notes

This is a security release addressing the following issues - CVE-2017-4972: Blind SQL Injection in UAA (high severity) - CVE-2017-4973: Privilege Escalation in UAA (high severity)

Usage

You can reference this release in your deployment manifest from the releases section:

- name: "uaa"
  version: "13.12"
  url: "https://bosh.io/d/github.com/cloudfoundry/uaa-release?v=13.12"
  sha1: "a7fe7afcfb0f38a4e3bf9c07135f2d665bea4603"

Or upload it to your director with the upload-release command:

bosh upload-release --sha1 a7fe7afcfb0f38a4e3bf9c07135f2d665bea4603 \
  "https://bosh.io/d/github.com/cloudfoundry/uaa-release?v=13.12"

Jobs

Packages