Hello All,

If you get questions about the recent SSL CVE today - it is a high and the
BOSH team will be acting on it as soon as we have an Ubuntu update from
Canonical. I will reply with new stemcell version numbers when we have them.

http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6304.html

Please let me know if you have any questions.

Thanks,
Molly Crowther
CFF Security Team

As you may have heard, Canonical released a regression USN (
http://www.ubuntu.com/usn/usn-3087-2/) to cover an issue introduced in the
fix released yesterday (http://www.ubuntu.com/usn/usn-3087-1/).

New stemcells are currently being built.

Molly Crowther
CFF Security Team

On Thu, Sep 22, 2016 at 8:24 AM, Molly Crowther <mcrowther(a)cloudfoundry.org>
wrote:

Hello All,

If you get questions about the recent SSL CVE today - it is a high and the
BOSH team will be acting on it as soon as we have an Ubuntu update from
Canonical. I will reply with new stemcell version numbers when we have them.

http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6304.html

Please let me know if you have any questions.

Thanks,
Molly Crowther
CFF Security Team