Platform Release Notes: July 10, 2017
Curious what’s new that you might find helpful as a cloud.gov application developer? Here are highlights from our platform updates over the past six weeks.
- Organization managers can now add new teammates to your org and manage user permissions right from the dashboard.
- cf-service-connect now supports Windows. See how to install it here.
- When you make a new service account or identity provider service instance, you will now get the credentials using a service key, instead of getting the credentials from a Toaster (formerly Fugacious) link. This doesn’t change existing service account and identity provider instances, but you can delete and recreate them to use this new method.
- Static IP addresses for communicating with external apps: Outbound traffic from cloud.gov now comes from specific IP addresses to help customers open up a connection between cloud.gov and outside data centers.
- We recommend you upgrade your Cloud Foundry CLI to the latest version to get the latest bug fixes.
- We improved the responsiveness of the dashboard to better reflect actions that happen on the backend.
We upgraded the Cloud Foundry deployment to v264. This upgrade addresses this security vulnerability: CVE-2017-4994: Forwarded Headers in UAA.
You should restage your application to incorporate fixes in the base filesystem and ensure you’re running the most recent language version supported by your buildpack.
- RootFS cflinuxfs2 1.133.0, which address vulnerabilities described in these security notices:
- Diego 1.19.0
- Stemcell 3312.29
- Buildpack updates:
If you’re interested in details about recent dashboard updates, you can also see the dashboard release notes.