Platform Release Notes: July 18, 2017

Curious what’s new that you might find helpful as a cloud.gov user? Here are highlights from our platform updates over the past two weeks.

Added

• If you need to access multiple S3 buckets using the same credentials — for example to copy files between buckets — you can use the additional_instances option when binding. Read the docs to learn more about how this works.
• cloud.gov supports Oracle SE1 for relational databases. This is by request only until AWS GovCloud eventually supports SE2. You can read more about relational database plans and how to request access to the Oracle service plan.
• We created a page explaining prototyping packages, how you might use them, and what they cost.

Changed

• If you have .NET applications you’re interested in running on cloud.gov, the updated .NET Core buildpack supports .NET Core 2 Preview (currently in alpha). It’s ready for you to prototype with your .NET applications.

Platform releases

We upgraded the Cloud Foundry deployment to v267.

You should restage your application to incorporate fixes in the base filesystem and ensure you’re running the most recent language version supported by your buildpack.

Additional upgrades

• RootFS cflinuxfs2 1.138.0, which addresses this security vulnerability:
  • CVE-2017-11103, service impersonation attack only affecting applications using or embedding Heimdal code before 7.4.
• Diego v1.22.0
• Stemcell
• Buildpack updates:
  • PHP v4.3.29
  • .NET Core v1.0.21
  • NodeJS v1.6.2, which remediates CVE-2017-1000381 - c-ares NAPTR parser out of bounds access
  • Python v1.5.20
  • Staticfile v1.4.10
  • Ruby v1.6.43

See Also

If you’re interested in details about recent dashboard updates, you can also see the dashboard release notes.