US flag signifying that this is a United States Federal Government website An official website of the United States government

Updates

Jul 10, 2017

Platform Release Notes: July 10, 2017

Curious what’s new that you might find helpful as a cloud.gov application developer? Here are highlights from our platform updates over the past six weeks.

Added

Changed

  • When you make a new service account or identity provider service instance, you will now get the credentials using a service key, instead of getting the credentials from a Toaster (formerly Fugacious) link. This doesn’t change existing service account and identity provider instances, but you can delete and recreate them to use this new method.
  • Static IP addresses for communicating with external apps: Outbound traffic from cloud.gov now comes from specific IP addresses to help customers open up a connection between cloud.gov and outside data centers.
  • We recommend you upgrade your Cloud Foundry CLI to the latest version to get the latest bug fixes.
  • We improved the responsiveness of the dashboard to better reflect actions that happen on the backend.

Platform releases

We upgraded the Cloud Foundry deployment to v264. This upgrade addresses this security vulnerability: CVE-2017-4994: Forwarded Headers in UAA.

You should restage your application to incorporate fixes in the base filesystem and ensure you’re running the most recent language version supported by your buildpack.

Additional upgrades

See Also

If you’re interested in details about recent dashboard updates, you can also see the dashboard release notes.