Releases: cloudfoundry/bosh-linux-stemcell-builder
Releases · cloudfoundry/bosh-linux-stemcell-builder
Stemcell 3541.4
- Rolled back custom umask configuration as we found out it was different in some cases (depends on how processes were started)
- Hardening of /var/vcap/jobs/* is still applied by the agent
Stemcell 3541.2
- [breaking] Set default umask to 077 and further harden several /var/vcap/* directories
- Note that you may have to change your release to adapt to this change
- [breaking] Renamed /var/vcap/bosh/bin/ntpdate to /var/vcap/bosh/bin/sync-time
- [breaking] Stop forwarding SSH events to bosh-agent
- Agent no longer receives and forwards such events to HM. This should remove a lot of noisy generated by releases that expect a lot of SSH sessions (eg Gitlab). This information will continue to be available in logs forwarded to remote destinations (and locally /var/log/auth.log).
- Fixes
env.bosh.swap_size: 0to work on more clouds (including GCP)
Misc
- Order stemcell tarballs so that upload-stemcell command can execute faster
- Generate
packages.txtwithin stemcell tarball that includes list of installed packages (previously known under different name)
Stemcell 3468.22
- [Feb 5] Periodic stemcell bump
Stemcell 3445.25
- [Feb 5] Periodic stemcell bump
Stemcell 3421.39
- [Feb 5] Periodic stemcell bump
Stemcell 3468.21
- No functional change from 3468.20, except version number
Stemcell 3468.20
- Bump Ubuntu Trusty stemcells for USN-3540-2: Linux kernel (Xenial HWE) vulnerabilities (This flaw is known as Spectre.)
Stemcell 3445.24
- Bump Ubuntu Trusty stemcells for USN-3540-2: Linux kernel (Xenial HWE) vulnerabilities (This flaw is known as Spectre.)
Stemcell 3421.38
- Bump Ubuntu Trusty stemcells for USN-3540-2: Linux kernel (Xenial HWE) vulnerabilities (This flaw is known as Spectre.)
Stemcell 3468.19
- Bump Ubuntu Trusty stemcells for USN-3534-1: GNU C Library vulnerabilities