uaa/13.9

You can find the source of this version on GitHub at cloudfoundry/uaa-release. It was created based on the commit 63e2ef4b.

Release Notes¶

Please use this security release to patch the following CVEs

CVE-2016-6659 UAA Privilege Escalation
CVE-2016-6816 Apache Tomcat Information Disclosure
- Updated to Tomcat 8.0.39

Other Security Updates

Restrict to TLS v1.2 with the following ciphers: - TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

Usage¶

You can reference this release in your deployment manifest from the releases section:

- name: "uaa"
  version: "13.9"
  url: "https://bosh.io/d/github.com/cloudfoundry/uaa-release?v=13.9"
  sha1: "1612f47d53aad492401819489d55ae66bfb041b9"

Or upload it to your director with the upload-release command:

bosh upload-release --sha1 1612f47d53aad492401819489d55ae66bfb041b9 \
  "https://bosh.io/d/github.com/cloudfoundry/uaa-release?v=13.9"

uaa/13.9

Release Notes¶

Please use this security release to patch the following CVEs

Other Security Updates

Usage¶

Jobs¶

Packages¶