-
Notifications
You must be signed in to change notification settings - Fork 21
/
stemcell-v3421x.html.md.erb
150 lines (80 loc) · 4.85 KB
/
stemcell-v3421x.html.md.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
---
title: Stemcell v3421.x (Linux) Release Notes
Owner: BOSH
---
This topic includes release notes for the 3421.x line of Linux stemcells used with Pivotal Cloud Foundry (PCF).
## <a id="3421-43"></a>3421.43
**Release Date**: March 13, 2018
- Periodic Ubuntu Trusty stemcell bump
## <a id="3421-42"></a>3421.42
**Release Date**: February 23, 2018
- Bump Ubuntu Trusty stemcells for USN-3582-2: Linux kernel (Xenial HWE) vulnerabilities
## <a id="3421-38"></a>3421.38
**Release Date**: January 23, 2018
- Bump Ubuntu Trusty stemcells for USN-3540-2: Linux kernel (Xenial HWE) vulnerabilities. This addresses the flaw known as Spectre. This update may include degradations to performance. Pivotal will do additional performance testing and provide updates as more information is available.
## <a id="3421-37"></a>3421.37
**Release Date**: January 18, 2018
- Bump Ubuntu Trusty stemcells for USN-3534-1: GNU C Library vulnerabilities
## <a id="3421-36"></a>3421.36
**Release Date**: January 10, 2018
- Bumps Ubuntu Trusty stemcells for USN-3522-4; also bumps vSphere stemcells to use VM hardware version 9
- USN-3522-2 introduced a regression in the Linux Hardware Enablement kernel and USN-3522-4 fixes that issue.
- Per the 3421.35 release note, monitor your VMs prior to upgrading to this stemcell and scale your VMs as necessary.
## <a id="3421-35"></a>3421.35
**Release Date:** January 10, 2018
- Bump Ubuntu Trusty stemcells for USN-3522-2: Linux (Xenial HWE) vulnerability (This flaw is known as Meltdown.)
### <a id='critical'></a> USN-3522-2 Addresses Meltdown Vulnerabilities
Meltdown exploits critical vulnerabilities in modern processors.
For more information about Meltdown, see the [Meltdown and Spectre Attacks](https://www.cloudfoundry.org/blog/meltdown-spectre-attacks/) blog post.
[USN-3522-2](https://www.cloudfoundry.org/usn-3522-2/) addresses the critical vulnerability in Ubuntu associated with Meltdown.
</br>
</br>
This update may include degradations to performance if your VM's CPU and memory usage are currently at near-capacity levels.
Prior to upgrading to this stemcell, monitor your PCF VM's current CPU and memory usage and scale those components if necessary. If any of your VMs are currently operating at 60% or above, Pivotal recommends scaling that VM.
For more information about the performance impact of Meltdown-related stemcell patches on PCF components and guidance on scaling, see this [KB article](https://discuss.pivotal.io/hc/en-us/articles/360000309953).
</br>
</br>
For more information about monitoring and scaling PCF, see the [Monitoring PCF VMs from Ops Manager](http://docs.pivotal.io/pivotalcf/2-0/customizing/monitoring.html),
[Key Capacity Scaling Indicators](https://docs.pivotal.io/pivotalcf/monitoring/key-cap-scaling.html),
and [Scaling PAS](../opsguide/scaling-ert-components.html) topics. Performance degradation is likely to vary by workload type, IaaS, and other factors.
Pivotal recommends testing your deployment thoroughly after upgrading to this stemcell.
## <a id="3421-34"></a>3421.34
**Release Date**: December 8, 2017
- Bump Ubuntu Trusty stemcell USN-3509-2: Linux kernel (Xenial HWE) vulnerabilities
## <a id="3421-32"></a>3421.32
**Release Date**: December 1, 2017
- Periodic Ubuntu stemcells update
## <a id="3421-20"></a>3421.20
**Release Date**: August 17, 2017
- Bump Ubuntu stemcells for [USN-3392-2: Linux kernel (Xenial HWE) regression](https://usn.ubuntu.com/usn/usn-3392-2/)
## <a id="3421-19"></a>3421.19
**Release Date**: August 12, 2017
- Bump Ubuntu stemcells for [USN-3385-2: Linux kernel (Xenial HWE) vulnerabilities](https://usn.ubuntu.com/usn/usn-3385-2/)
## <a id="3421-18"></a>3421.18
**Release Date**: August 4, 2017
- Bump Ubuntu Trusty stemcells for [USN-3378-2: Linux kernel (Xenial HWE) vulnerabilities](https://usn.ubuntu.com/usn/usn-3378-2/)
- Fix occasional rsyslog hang on startup
- Workaround for https://github.com/rsyslog/rsyslog/issues/1188
## <a id="3421-9"></a>3421.9
**Release Date**: June 21, 2017
- Bump Ubuntu stemcells for USN-3334-1: Linux kernel (Xenial HWE) vulnerabilities
## <a id="3421-3"></a>3421.3
**Release Date**: May 30, 2017
- Bump Ubuntu stemcells for USN-3304-1: Sudo vulnerability
## <a id="3421"></a>3421
**Release Date**: May 23, 2017
New:
- Added `env.bosh.remove_static_libraries` (bool) to remove static libraries
- Useful to enable this option when exporting compiled releases
- Added `env.bosh.ipv6.enable` (bool) to remove ipv6.disable kernel functionality at bootup time
Fixes:
- Fixed sysstat logging
- Fixed anacron's RANDOM_DELAY configuration
Bumps:
- Bumped s3cli v0.0.60
- Updated aws-sdk-go to solve network timeout edge case
- Bumped davcli v0.0.19
- Use TCP keep alive to solve network timeout edge case
- Bumped bosh-agent v0.0.35
- Add `-v` to the Agent binary
- Prepared `sync_dns` action to work with future Director's DNS integration