Platform Release Notes: March 14, 2017

Curious what’s new that you might find helpful as a cloud.gov application developer? Here are highlights from our platform updates over the past two weeks.

Added

The cloud.gov dashboard now alerts you when it’s unable to fetch recent data. This can help you when you’re troubleshooting problems with your application.

Changed

cf logs now accesses logs over port 443 instead of the previous port 4443, to increase the number of people who can use cf logs without errors. In many workplaces port 4443 is blocked, which leads cf logs to return an error.

Security

We upgraded the Cloud Foundry deployment to v252. We have also upgraded the following buildpacks to versions newer than the buildpacks included in CF v252:

• staticfile-buildpack 1.3.17
• java-buildpack 3.13
• ruby-buildpack 1.6.34
• nodejs-buildpack 1.5.29
• go-buildpack 1.7.18
• python-buildpack 1.5.15
• php-buildpack 4.3.27
• binary-buildpack 1.0.9

As part of the Cloud Foundry upgrade, the base filesystem used for running your application has been updated to address several security vulnerabilities. You should restage your application to incorporate fixes in the base filesystem and ensure you’re running the most recent language version supported by your buildpack.

• USN-3142-2: ImageMagick Regression
• USN-3181-1: OpenSSL vulnerabilities
• USN-3183-1: GnuTLS vulnerabilities
• USN-3185-1: libXpm vulnerability
• USN-3193-1: Nettle vulnerability
• USN-3205-1: tcpdump vulnerabilities
• USN-3212-1: LibTIFF vulnerabilities

See also

If you’re interested in details about recent dashboard updates, you can also see the dashboard release notes.