Skip to content

Commit

Permalink
Adding platform release notes for the last sprint (#2442)
Browse files Browse the repository at this point in the history
  • Loading branch information
cweibel authored Nov 27, 2023
1 parent 8e8b1ff commit ced7263
Showing 1 changed file with 166 additions and 0 deletions.
166 changes: 166 additions & 0 deletions _posts/2023-11-27-release-notes.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,166 @@
---
layout: post
date: November 27th 2023
title: "November 27th cloud.gov Change Log"
excerpt: The cloud.gov team is working on providing change logs so everyone can see new features and updates.
---

# Change Log - Enjoy the Turkey Day leftovers!

## Customer Facing Changes
---

The audience for this section is developers who maintain applications on cloud.gov and may need to respond to stack or buildpack changes.

### CF-Deployment - v33.4.0 to v33.10.0

* Changes below are broken down by component

### CFLinuxfs4 - 1.51.0 up from 1.49.0

Notably, this bump addresses:

* `USN-6467-2`: Kerberos vulnerability: CVE-2023-36054: lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.
* `USN-6477-1`: procps-ng vulnerability: CVE-2023-4016: Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.


### Java-Buildpack 4.63.1 up from 4.63.0
* This release includes some agent framework dependency bumps, including a bug fix in Java CFEnv when using DB2, see [this issue](https://github.com/pivotal-cf/java-cfenv/issues/231) for more information.

* For a more detailed look at the changes in 4.63.1, please take a look at the [commit log](https://github.com/cloudfoundry/java-buildpack/compare/v4.63.0...v4.63.1). The packaged version of the buildpack, suitable for use with create-buildpack and update-buildpack, can be found attached to this release.



### CF CLI 1.53.0 up from 1.50.0

This release contains the following versions of the CF CLI:


| Major Version | Prior Version | Current Version |
| --------------|---------------|-----------------|
| v8 | 8.7.5 | [8.7.5](https://github.com/cloudfoundry/cli/releases/tag/v8.7.5) |
| v7 | 7.7.5 | [7.7.5](https://github.com/cloudfoundry/cli/releases/tag/v7.7.5) |
| v6 | 6.53.0 | [6.53.0](https://github.com/cloudfoundry/cli/releases/tag/v6.53.0) |



## Platform Changes
---

This section is for the platform operators at `cloud.gov` to highlight changes to Cloud Foundry components, this is likely not of interest for developers using the platform.


### BOSH DNS - v1.36.10 from 1.36.9

* Updates golang package golang-1-linux to 1.21.4
* Updates golang package golang-1-windows to 1.21.4

### BPM - 1.2.11 from 1.2.9

* Updates golang package golang-1-linux to 1.21.4
* Fixed CVEs:
* [CVE-2023-39325](https://github.com/advisories/GHSA-4374-p667-p6c8): rapid stream resets can cause excessive work ([CVE-2023-44487](https://github.com/advisories/GHSA-qppj-fm5r-hxr3))

### CAPI - v1.165.0 up from v1.164.0

* CC API Version: 2.216.0 and 3.151.0
* Service Broker API Version: 2.15
* CAPI Release
* Bump golang from 1.21.3 to 1.21.4
* Bump redis from 7.2.2 to 7.2.3
* Cloud Controller
* Enable CF API to present routable field for app processes (cloudfoundry/cloud_controller_ng#3500)[https://github.com/cloudfoundry/cloud_controller_ng/pull/3500]
* Remove copilot (cloudfoundry/cloud_controller_ng#3355)[https://github.com/cloudfoundry/cloud_controller_ng/pull/3355]
* Prevent parallel test failures in request_spec (cloudfoundry/cloud_controller_ng#3505)[https://github.com/cloudfoundry/cloud_controller_ng/pull/3505]
* Update diego sync to not fetch every bit of every object, only completely fetch objects that need syncing (cloudfoundry/cloud_controller_ng#3503)[https://github.com/cloudfoundry/cloud_controller_ng/pull/3503]
* Introduce single source of truth for audit events (cloudfoundry/cloud_controller_ng#3504)[https://github.com/cloudfoundry/cloud_controller_ng/pull/3504]
* v3 should allow to update docker registry credentials (cloudfoundry/cloud_controller_ng#3467)[https://github.com/cloudfoundry/cloud_controller_ng/pull/3467]
* Require cloud_controller.read access(or equivalent) to access list endpoints (cloudfoundry/cloud_controller_ng#3450)[https://github.com/cloudfoundry/cloud_controller_ng/pull/3450]
* Fetch service plan visibilities with eager loading [cloudfoundry/cloud_controller_ng#3507](https://github.com/cloudfoundry/cloud_controller_ng/pull/3507)
* Dependency Bumps
* Bump prometheus-client from 4.2.1 to 4.2.2
* Bump sequel from 5.73.0 to 5.74.0
* Bump mock_redis from 0.38.0 to 0.39.0
* cc-uploader
* Bump github.com/onsi/ginkgo/v2 from 2.13.0 to 2.13.1
* Bump github.com/onsi/gomega from 1.29.0 to 1.30.0
* tps
* Bump github.com/onsi/ginkgo/v2 from 2.13.0 to 2.13.1
* Bump github.com/onsi/gomega from 1.29.0 to 1.30.0
* Cloud Controller Database Migrations
* [20231113105256_add_service_plan_id_index.rb](https://github.com/cloudfoundry/cloud_controller_ng/blob/e0a82e324a1b9fb959f8f05dcbfcd39dc8d1b74a/db/migrations/20231113105256_add_service_plan_id_index.rb)



### CF-Networking 3.38.0 up from 3.35.0
* Bump golang to 1.21.4
* The `policy-server-internal` job's healthcheck endpoint is now available only via localhost.
* Go package dependency bumps

### Diego 2.85.0 up from 2.84.0
* Bump garden Grootfs, Guardian, and idmapper
* Bump golang to 1.21.4

### Garden-Runc 1.44.0 up from 1.43.0
* Change user for grootfs test
* Bump golang to 1.21.4

### log-cache 3.0.8 up from 3.0.7
* Bump dependencies
* Bump Golang to v1.20.11

### loggregator-agent 7.7.1 up 7.6.4 from
* Added `warn_on_invalid_drains` property to Syslog Agent to allow warnings for invalid drains to be suppressed.
* Bump dependencies.
* Added `warn_on_invalid_drains` property to Windows Syslog Agent to allow warnings for invalid drains to be suppressed.
* Bump to go1.20.11
* Bump dependencies.

### metrics-discovery 3.2.20 up from 3.2.18
* Bump to go1.20.11
* Bump dependencies

### nats 56.12.0 up from 56.11.0
* Bump Golang to 1.21.4

### node-exporter 5.5.0 up from 5.4.0
* add missing collectors to boshrelease by @Houlistonm in [#17](https://github.com/bosh-prometheus/node-exporter-boshrelease/pull/17)

### prometheus 29.6.0 up grom 29.5.0
* add retro_compat.disable property by @mchabane in [#484](https://github.com/bosh-prometheus/prometheus-boshrelease/pull/484)
* various bumps:
* Bump Credhub-Exporter to v0.32.0
* Bump Grafana to v9.5.13
* Bump Grafana Worldmap Panel to v1.0.6
* Bump Postgres-Exporter to 0.14.0
* Bump Bosh-Exporter to v3.6.1
* Bump CF-Exporter to v1.2.3
* Bump Firehose-Exporter to v7.1.2
* Bump Redis-Exporter to v1.55.0
* Bump Prometheus to 2.47.0
* Bump Statsd-Exporter to 0.25.0

### Routing 0.284.0 up from 0.283.0
* Upgrade to Golang 1.21.4
* Bump dependencies

### silk 3.38.0 up from 3.35.0
* Remove unused property [rep_listen_addr_admin](https://github.com/cloudfoundry/silk-release/commit/ee98f5a9d1e1f7c82a3c8055b0e5aacf087538f8)
* Bump golang to 1.21.4
* Go package dependency bumps

### statsd-injector 1.11.36 up from 1.11.35
* Bump dependencies
* Bump packaged Golang to go1.20.11


### UAA 76.25.0 up from 76.24.0
* Bump github.com/onsi/gomega from 1.28.1 to 1.29.0 in /src/acceptance_tests by @dependabot in [#694](https://github.com/cloudfoundry/uaa-release/pull/694)
* Bump rake from 13.0.6 to 13.1.0 by @dependabot in [#698](https://github.com/cloudfoundry/uaa-release/pull/698)
* Bump github.com/cloudfoundry/bosh-utils from 0.0.408 to 0.0.409 in /src/acceptance_tests by @dependabot in [#695](https://github.com/cloudfoundry/uaa-release/pull/695)
* Bump racc from 1.7.1 to 1.7.2 by @dependabot in [#700](https://github.com/cloudfoundry/uaa-release/pull/700)


### Final Note

You may want to throw out the stuffing at this point.

0 comments on commit ced7263

Please sign in to comment.