I've asked the admin team to make this adjustment. Thanks for pointing this out! Chip Childers | Technology Chief of Staff | Cloud Foundry Foundation

Thank you for the quick response, Dieu! -- View this message in context: http://cf-dev.70369.x6.nabble.com/cf-dev-CVE-2015-1834-CC-Path-Traversal-vulnerability-tp163p176.html Sent from the CF Dev

Hi James, thanks for the answer! We are interested to implement a job scheduler for CF. Do you think this could be interesting to have? We are working in a project called DC4Cities

Yes, that's the correct commit to cherry pick for the cc path traversal vulnerability. -Dieu CF Runtime PM

I understand the CFF strongly recommends to upgrade to v208 or after, but for those (including us) who cannot immediately upgrade, I want to know if there is a workaround against this

Hi John, I'll be working on this with engineering in the morning; thanks for the details thus far. This is puzzling: Metrons do not route traffic to dopplers outside their zone today. If all

Correct, thanks.

there is ongoing work to support process types using buildpacks, so that the same application codebase could be used for multiple different types of processes (web, worker, etc). once process types

To complete my request, I'm thinking of something like this in the manifest.yml: applications: - name: virusscan memory: 512M instances: 1 *schedule: - startFrom : a date

Hi guys, just to know, is there a project to add a job scheduler in Cloud Foundry? I'm thinking of something like the Heroku scheduler ( https://devcenter.heroku.com/articles/scheduler). That would be

ok thanks for the extra detail. to confirm, during the load test, the http traffic is being routed through zones 4 and 5 app instances on DEAs in a balanced way. however the dopplers associated with

I am seeing logs from zone 4 and 5 when tailing the logs (*cf logs hello-world | grep App | awk '{ print $2 }'*), I see a relatively even balance between all app instances, yet doppler on zones 1-3

it simply means that there is a Service Broker, and works in conjunction with the "marketplace" so commands like "cf marketplace", "cf create-service", "cf bind-service" and related all work with the

Hi, When I run 'bosh deploy' , I got a error''Error 400007: `uaa_z1/0' is not running after update": *Started preparing configuration > Binding configuration. Done (00:00:04)* *Started updating

CVE-2015-3202 details: http://lists.cloudfoundry.org/pipermail/cf-dev/2015-May/000194.html CVE-2015-1834 details: http://lists.cloudfoundry.org/pipermail/cf-dev/2015-May/000195.html -- Thank

Severity: Medium Vendor: Cloud Foundry Foundation Vulnerable Versions: Cloud Foundry Runtime Releases prior to 208 CVE References: CVE-2015-1834 Description: A path traversal vulnerability was

Severity: High Vendor: Canonical Ubuntu Vulnerable Versions: Canonical Ubuntu 10.04 and 14.04 CVE References: USN-2617-1, CVE-2015-3202 Description: A privilege escalation vulnerability was

please note that this release addresses CVE-2015-3202 and CVE-2015-1834 and we strongly recommend upgrading to this release. more details will be forthcoming after the long united states holiday

john, can you say more about "receiving no load at all"? for example, if you restart one of the app instances in zone 4 or zone 5 do you see logs with "cf logs"? you can target a single app instance

https://github.com/cloudfoundry/cf-release/releases/tag/v209 https://github.com/cloudfoundry-community/cf-docs-contrib/wiki/v209 Best, Shannon Coen Product Manager, Cloud Foundry Pivotal, Inc.