v246

@cf-release-notes-bot cf-release-notes-bot released this Nov 3, 2016 · 192 commits to master since this release

The cf-release v246 was released on November 03, 2016.

IMPORTANT

  • With this release UAA defaults to enforcing signature validation on Incoming SAML Assertions. Please make sure any SAML Identity configured for UAA is sending only signed SAML assertions

Contents:

CC and Service Broker APIs

Contains CAPI release v1.10.0. Release notes for v1.8.0, v1.9.0, and v1.10.0

Identity

Updated to UAA Release 3.8.0
Spec changes can be found here

Routing

Routing-release bumped to 0.141.0

Loggregator

No changes.

Buildpacks and Stacks

stacks

updated to 1.89.0 (from 1.86.0)

1.89.0

No CVEs present. Notably, this release introduces the libsasl2-dev package.

1.88.0

No CVEs present.

1.87.0

No CVEs present.

binary-buildpack

updated to v1.0.5 (from v1.0.4)

v1.0.5

go-buildpack

updated to v1.7.14 (from v1.7.13)

v1.7.14

Default binary versions: go 1.6.3

java-buildpack

updated to v3.10 (from v3.9)

v3.10

I'm pleased to announce the release of the java-buildpack, version 3.10. This release updates the Dynatrace frameworks.

For a more detailed look at the changes in 3.10, please take a look at the commit log. Packaged versions of the buildpack, suitable for use with create-buildpack and update-buildpack, can be found attached to this release.

nodejs-buildpack

updated to v1.5.22 (from v1.5.21)

v1.5.22

  • Add node 6.9.0 and 6.8.1, remove node 6.6.0 and 6.7.0
  • Add node 0.10.48, remove node 0.10.46
  • Add node 0.12.17, remove node 0.12.15
  • Add node 4.6.1, remove node 4.5.0
  • Address USN-3087-1: OpenSSL vulnerabilities with node 6.8.1 and 6.9.0
  • NOTICE: Node.js 0.10 will be removed after October 31, 2016 due to end of LTS

Default binary versions: node 4.6.0

php-buildpack

updated to v4.3.21 (from v4.3.20)

v4.3.21

  • Address USN-3095-1 and associated CVEs with PHP 5.6.27 and 7.0.12
  • Add support for rdkafka in PHP 7
  • Add php 5.6.26 and 5.6.27, remove php 5.6.24 and 5.6.25
  • Add php 7.0.11 and 7.0.12, remove php 7.0.9 and 7.0.10
  • Add nginx 1.11.5, remove nginx 1.11.4
  • Add nginx 1.10.2, remove nginx 1.10.1

Default binary versions: php 5.5.38, composer 1.2.1, httpd 2.4.23, newrelic 6.3.0.161, nginx 1.11.5

python-buildpack

updated to v1.5.11 (from v1.5.10)

v1.5.11

Default binary versions: python 2.7.12

ruby-buildpack

updated to v1.6.27 (from v1.6.26)

v1.6.27

  • Add node 4.6.1, remove node 4.6.0
  • Add bundler 1.13.5, remove bundler 1.13.1

Default binary versions: ruby 2.3.1, node 4.6.1

staticfile-buildpack

updated to v1.3.12 (from v1.3.11)

v1.3.12

DEA-Warden-HM9000 Runtime

  • Fixed container startup issues with Linux 4.4
  • Improved HM9000 actual state processing time for large number of instances (> 10k)
  • Reduced connection count to etcd on start when there is a stampede on start ( 35k -> 65)

Internal Components

postgres-release (includes postgres job)

  • No changes.

etcd-release (includes etcd and etcd_metrics_server jobs)

  • Bumped from v73 to v77. Functional changes:
  • Add network diagnostics logging to etcd job details

consul-release (includes consul_agent job)

  • Bumped from v126 to v133. Functional changes:
  • consul_agent job only drains when in server mode, not in client mode. details
  • Set performance raft_multiplier to 1 for Consul process. details
  • Change default value of consul.agent.dns_config.allow_stale to true and consul.agent.dns_config.max_stale to 30s in consul_agent job. details
  • consul_agent job running in mode: server no longer needs to be configured with consul.agent_cert or consul.agent_key properties. details

nats-release (includes nats and nats_stream_forwarder jobs)

  • Bumped from v11 to v14. Functional changes: bump to golang 1.7, enables forwarding of nats logs to a syslog drain

Recommended Versions of Additional Releases

These versions are soft recommendations, as several different versions of these releases may work correctly with this version of cf-release.

Job Spec Changes

  • CAPI v1.9.0 Job Spec Changes and v1.10.0 Job Spec Changes
  • Add etcd.network_diagnostics_duration_in_seconds property with default 30 to etcd job property to avoid filling up log aggregation services. details
  • Add etcd.enable_network_diagnostics and default to true. details details

    Recommended BOSH Stemcell Versions

  • real IaaS: 3263.8

  • BOSH-Lite: 3262.2

Note: For AWS you should use the Xen-HVM stemcells rather than Xen.

These are soft recommendations; several different versions of the stemcells are likely to work fine with this version of cf-release and the corresponding versions of the additional releases listed above.

Downloads