Stemcell (Linux) Release Notes

This topic includes release notes for Linux stemcells used with Pivotal Cloud Foundry (PCF).

3586.x

This section includes release notes for the 3586 line of Linux stemcells used with Pivotal Cloud Foundry (PCF).

3586.27

Available in Pivotal Network

Release Date: July 30, 2018

Periodic Ubuntu Trusty/CentOS stemcell bump (July 31, 2018)

3586.26

Available in Pivotal Network

Release Date: July 16, 2018

Periodic Ubuntu Trusty stemcell bump (July 16, 2018)

3586.25

Available in Pivotal Network

Release Date: July 02, 2018

  • Periodic Ubuntu Trusty stemcell bump (July 2, 2018)

3586.24

Available in Pivotal Network

Release Date: June 18, 2018

  • Periodic Ubuntu Trusty stemcell bump (June 18, 2018)

3586.23

Release Date: June 13, 2018

  • We are continuing to investigate GCP stemcell compatibility issue from earlier version, but we did roll back BOSH Agent to an earlier version that seems to not trigger this problem
    • Note: This build does not include fixes to recently published CVE-2018-3665

3586.18

Release Date: June 04, 2018

WARNING: We are currently investigating unresponsive agent issues when using the Google Cloud Platform version of this stemcell. In the meantime, please use 3586.16 when deploying to GCP.

  • Periodic Ubuntu Trusty stemcell bump (June 4, 2018)

3586.16

Available in Pivotal Network

Release Date: May 24, 2018

  • Bump Ubuntu Trusty stemcells for “USN-3654-2: Linux kernel (Xenial HWE) vulnerabilities”

TLS for Internal Blobstore Supported

For Ops Manager v2.2 and later, you can enable TLS for your internal blobstore. Make sure you configured all tiles with a stemcell v3586 or later before enabling TLS for your internal blobstore.

For more information, see TLS for Internal Blobstore Supported in the Ops Manager release notes.

3586.8

Release Date: May 21, 2018

  • Periodic Ubuntu Trusty stemcell bump (May 21, 2018)

3586.7

Release Date: May 09, 2018

  • Bump Ubuntu Trusty stemcells for “USN-3641-1: Linux kernel vulnerabilities”

3586.5

Release Date: May 08, 2018

  • Bump s3cli to include AliCloud support
  • Bump bosh-agent
    • Support network aliases (used by Softlayer CPI)
    • Support static routes for networks (used by Softlayer CPI)
    • Support iSCSI for persistent disks (used by Softlayer CPI)
    • Use parted when GPT partitions are detected
    • Refactor retryable strategy usages

3541.x

This section includes release notes for the 3541 line of Linux stemcells used with Pivotal Cloud Foundry (PCF).

3541.37

Available in Pivotal Network

Release Date: July 30, 2018

Periodic Ubuntu Trusty stemcell bump (July 31, 2018)

3541.36

Available in Pivotal Network

Release Date: July 16, 2018

Periodic Ubuntu Trusty stemcell bump (July 16, 2018)

3541.35

Available in Pivotal Network

Release Date: July 02, 2018

  • Periodic Ubuntu Trusty stemcell bump (July 2, 2018)

3541.34

Available in Pivotal Network

Release Date: June 18, 2018

  • Periodic Ubuntu Trusty stemcell bump (June 18, 2018)

3541.31

Release Date: June 04, 2018

  • Periodic Ubuntu Trusty stemcell bump (June 4, 2018)

3541.25

Available in Pivotal Network

Release Date: May 09, 2018

  • Bump Ubuntu Trusty stemcells for “USN-3641-1: Linux kernel vulnerabilities”

3541.30

Available in Pivotal Network

Release Date: May 23, 2018

  • Bump Ubuntu Trusty stemcells for “USN-3654-2: Linux kernel (Xenial HWE) vulnerabilities”

3541.26

Release Date: May 21, 2018

  • Periodic Ubuntu Trusty stemcell bump (May 21, 2018)

3541.24

Available in Pivotal Network

Release Date: May 07, 2018

  • Ubuntu Trusty stemcells periodic update (May 7, 2018)

3541.12

Available in Pivotal Network

Release Date: April 06, 2018

  • Bump Ubuntu Trusty stemcells for USN-3619-2: Linux kernel (Xenial HWE) vulnerabilities

3541.10

Available in Pivotal Network

Release Date: March 26, 2018

  • Periodic Ubuntu and CentOS stemcell bump (March 26/27, 2018)

3541.9

Available in Pivotal Network

Release Date: March 12, 2018

  • Periodic Ubuntu and CentOS stemcell bump (March 12, 2018)

3541.8

Available in Pivotal Network

Release Date: March 08, 2018

  • Bump bosh-agent to 2.67.1
    • Agent will now respect previously set permissions and owner on sys/run, sys/log and data job directories
    • This should fix stemcell compatibility with Diego/Garden if Agent restarts
    • If you were using 3541.x stemcell for any of your deployments, it’s recommended to update your deployments to this version before updating Director since that would cause Agent restart

3541.5

Release Date: February 22, 2018

  • Bump Ubuntu Trusty stemcells for USN-3582-2: Linux kernel (Xenial HWE) vulnerabilities

3541.4

Release Date: February 14, 2018

  • Rolled back custom umask configuration as we found out it was different in some cases (depends on how processes were started)
    • Hardening of /var/vcap/jobs/* is still applied by the agent

3541.2

Release Date: February 08, 2018

  • [breaking] Set default umask to 077 and further harden several /var/vcap/* directories
    • Note that you may have to change your release to adapt to this change
  • [breaking] Renamed /var/vcap/bosh/bin/ntpdate to /var/vcap/bosh/bin/sync-time
  • [breaking] Stop forwarding SSH events to bosh-agent
    • Agent no longer receives and forwards such events to HM. This should remove a lot of noisy generated by releases that expect a lot of SSH sessions (eg Gitlab). This information will continue to be available in logs forwarded to remote destinations (and locally /var/log/auth.log).
  • Fixes env.bosh.swap_size: 0 to work on more clouds (including GCP)

Misc

  • Order stemcell tarballs so that upload-stemcell command can execute faster
  • Generate packages.txt within stemcell tarball that includes list of installed packages (previously known under different name)

3469.x

This section includes release notes for the 3469 line of Linux stemcells used with Pivotal Cloud Foundry (PCF).

3469.1

Release Date: February 27, 2018

  • Stemcell produced for testing rsyslog bump to the latest version
    • Unless testing rsyslog, use 3468.x or 3541.x stemcell lines

3468.x

This section includes release notes for the 3468 line of Linux stemcells used with Pivotal Cloud Foundry (PCF).

3468.55

Available in Pivotal Network

Release Date: July 30, 2018

Periodic Ubuntu Trusty stemcell bump (July 31, 2018)

3468.54

Available in Pivotal Network

Release Date: July 16, 2018

Periodic Ubuntu Trusty stemcell bump (July 16, 2018)

3468.53

Release Date: July 02, 2018

  • Periodic Ubuntu Trusty stemcell bump (July 2, 2018)

3468.51

Available in Pivotal Network

Release Date: June 18, 2018

  • Periodic Ubuntu Trusty stemcell bump (June 18, 2018)

3468.47

Release Date: June 04, 2018

  • Periodic Ubuntu Trusty stemcell bump (June 4, 2018)

3468.42

Available in Pivotal Network

Release Date: May 09, 2018

  • Bump Ubuntu Trusty stemcells for “USN-3641-1: Linux kernel vulnerabilities”

3468.46

Available in Pivotal Network

Release Date: May 23, 2018

  • Bump Ubuntu Trusty stemcells for “USN-3654-2: Linux kernel (Xenial HWE) vulnerabilities”

3468.44

Release Date: May 21, 2018

  • Periodic Ubuntu Trusty stemcell bump (May 21, 2018)

3468.41

Available in Pivotal Network

Release Date: May 07, 2018

  • Ubuntu Trusty stemcells periodic update (May 7, 2018)

3468.30

Available in Pivotal Network

Release Date: April 06, 2018

  • Bump Ubuntu Trusty stemcells for USN-3619-2: Linux kernel (Xenial HWE) vulnerabilities

3468.28

Available in Pivotal Network

Release Date: March 26, 2018

  • Periodic Ubuntu and CentOS stemcell bump (March 26/27, 2018)

3468.27

Available in Pivotal Network

Release Date: March 12, 2018

  • Periodic Ubuntu and CentOS stemcell bump (March 12, 2018)

3468.26

Release Date: March 01, 2018

  • Includes updated ixgbevf 4.3.4

3468.25

Available in Pivotal Network

Release Date: February 22, 2018

  • Bump Ubuntu Trusty stemcells for USN-3582-2: Linux kernel (Xenial HWE) vulnerabilities

3468.22

Release Date: February 05, 2018

  • [Feb 5] Periodic stemcell bump

3468.21

Available in Pivotal Network

Release Date: January 23, 2018

  • No functional change from 3468.20, except version number

3468.20

Available in Pivotal Network

Release Date: January 23, 2018

3468.19

Available in Pivotal Network

Release Date: January 17, 2018

  • Bump Ubuntu Trusty stemcells for USN-3534-1: GNU C Library vulnerabilities

3468.17

Available in Pivotal Network

Release Date: January 10, 2018

3468.16

Available in Pivotal Network

Release Date: January 10, 2018

3468.15

Release Date: December 15, 2017

  • Bump Ubuntu Trusty stemcells for USN-3509-4: Linux kernel (Xenial HWE) regression

3468.13

Available in Pivotal Network

Release Date: December 08, 2017

  • Bump Ubuntu Trusty stemcell USN-3509-2: Linux kernel (Xenial HWE) vulnerabilities

3468.12

Release Date: December 06, 2017

  • Bump Ubuntu Trusty stemcells for USN-3505-1: Linux firmware vulnerabilities

3468.11

Release Date: November 21, 2017

  • Periodic Ubuntu stemcells update
  • Includes Agent changes to support IPv6 on vSphere (manual networking)

3468.5

Release Date: October 26, 2017

  • Configure /tmp to have sticky bit set

3468.1

Release Date: October 23, 2017

  • Periodic stemcell bump

3468

Release Date: October 05, 2017

  • Removed password authentication for Warden stemcells
  • Various minor tweaks that were already backported to older lines

Upcoming features on this stemcell line:

  • IPv6 support for vSphere

3445.x

This section includes release notes for the 3445 line of Linux stemcells used with Pivotal Cloud Foundry (PCF).

3445.55

Available in Pivotal Network

Release Date: July 30, 2018

Periodic Ubuntu Trusty stemcell bump (July 31, 2018)

3445.54

Available in Pivotal Network

Release Date: July 16, 2018

Periodic Ubuntu Trusty stemcell bump (July 16, 2018)

3445.53

Available in Pivotal Network

Release Date: July 02, 2018

  • Periodic Ubuntu Trusty stemcell bump (July 2, 2018)

3445.51

Available in Pivotal Network

Release Date: June 18, 2018

  • Periodic Ubuntu Trusty stemcell bump (June 18, 2018)

3445.49

Release Date: June 04, 2018

  • Periodic Ubuntu Trusty stemcell bump (June 4, 2018)

3445.48

Available in Pivotal Network

Release Date: May 23, 2018

  • Bump Ubuntu Trusty stemcells for “USN-3654-2: Linux kernel (Xenial HWE) vulnerabilities”

3445.42

Available in Pivotal Network

Release Date: May 01, 2018

  • Ubuntu Trusty stemcells periodic update (Apr 30, 2018)

3445.46

Release Date: May 21, 2018

  • Periodic Ubuntu Trusty stemcell bump (May 21, 2018)

3445.45

Available in Pivotal Network

Release Date: May 09, 2018

  • Bump Ubuntu Trusty stemcells for “USN-3641-1: Linux kernel vulnerabilities”

3445.44

Available in Pivotal Network

Release Date: May 07, 2018

  • Ubuntu Trusty stemcells periodic update (May 7, 2018)

3445.32

Available in Pivotal Network

Release Date: April 06, 2018

  • Bump Ubuntu Trusty stemcells for USN-3619-2: Linux kernel (Xenial HWE) vulnerabilities

3445.30

Available in Pivotal Network

Release Date: March 26, 2018

  • Periodic Ubuntu Trusty stemcell bump (March 26/27, 2018)

3445.29

Available in Pivotal Network

Release Date: March 12, 2018

  • Periodic Ubuntu Trusty stemcell bump (March 12, 2018)

3445.28

Available in Pivotal Network

Release Date: February 22, 2018

  • Bump Ubuntu Trusty stemcells for USN-3582-2: Linux kernel (Xenial HWE) vulnerabilities

3445.25

Release Date: February 05, 2018

  • [Feb 5] Periodic stemcell bump

3445.24

Available in Pivotal Network

Release Date: January 23, 2018

3445.23

Available in Pivotal Network

Release Date: January 17, 2018

  • Bump Ubuntu Trusty stemcells for USN-3534-1: GNU C Library vulnerabilities

3445.22

Available in Pivotal Network

Release Date: January 10, 2018

3445.21

Available in Pivotal Network

Release Date: January 10, 2018

3445.19

Available in Pivotal Network

Release Date: December 08, 2017

  • Bump Ubuntu Trusty stemcell USN-3509-2: Linux kernel (Xenial HWE) vulnerabilities

3445.18

Release Date: December 06, 2017

  • Bump Ubuntu Trusty stemcells for USN-3505-1: Linux firmware vulnerabilities

3445.17

Available in Pivotal Network

Release Date: November 21, 2017

  • Periodic Ubuntu stemcells update

3445.11

Available in Pivotal Network

Release Date: September 19, 2017

  • Bump Ubuntu stemcells for USN-3420-2: Linux kernel (Xenial HWE) vulnerabilities

3445.7

Available in Pivotal Network

Release Date: August 30, 2017

  • Logrotate /var/log/wtmp and utmp more aggressively
  • Updated BOSH agent to include aggressive 5 minute timeout on NATS connection failure
  • Set auditd rules to be mutable by default
    • Please use auditd job from os-conf-release to make rules immutable

3445.2

Release Date: August 16, 2017

3445

Release Date: August 11, 2017

3431.x

This section includes release notes for the 3431 line of Linux stemcells used with Pivotal Cloud Foundry (PCF).

3431.13

Release Date: August 03, 2017

  • Bump version (no change)

3431.11

Release Date: August 03, 2017

3431.10

Release Date: July 31, 2017

  • Periodic Ubuntu stemcells update

3422.x

This section includes release notes for the 3422 line of Linux stemcells used with Pivotal Cloud Foundry (PCF).

3422.7

Release Date: November 22, 2017

  • Test stemcell for umask changes (based on 3468.x stemcell line)

3421.x

This section includes release notes for the 3421 line of Linux stemcells used with Pivotal Cloud Foundry (PCF).

3421.70

Available in Pivotal Network

Release Date: July 30, 2018

Periodic Ubuntu Trusty stemcell bump (July 31, 2018)

3421.69

Available in Pivotal Network

Release Date: July 16, 2018

Periodic Ubuntu Trusty stemcell bump (July 16, 2018)

3421.68

Release Date: July 02, 2018

  • Periodic Ubuntu Trusty stemcell bump (July 2, 2018)

3421.66

Available in Pivotal Network

Release Date: June 18, 2018

  • Periodic Ubuntu Trusty stemcell bump (June 18, 2018)

3421.64

Release Date: June 04, 2018

  • Periodic Ubuntu Trusty stemcell bump (June 4, 2018)

3421.63

Available in Pivotal Network

Release Date: May 23, 2018

  • Bump Ubuntu Trusty stemcells for “USN-3654-2: Linux kernel (Xenial HWE) vulnerabilities”

3421.56

Available in Pivotal Network

Release Date: May 01, 2018

  • Ubuntu Trusty stemcells periodic update (Apr 30, 2018)

3421.60

Release Date: May 21, 2018

  • Periodic Ubuntu Trusty stemcell bump (May 21, 2018)

3421.59

Available in Pivotal Network

Release Date: May 09, 2018

  • Bump Ubuntu Trusty stemcells for “USN-3641-1: Linux kernel vulnerabilities”

3421.58

Available in Pivotal Network

Release Date: May 07, 2018

  • Ubuntu Trusty stemcells periodic update (May 7, 2018)

3421.46

Available in Pivotal Network

Release Date: April 06, 2018

  • Bump Ubuntu Trusty stemcells for USN-3619-2: Linux kernel (Xenial HWE) vulnerabilities

3421.44

Available in Pivotal Network

Release Date: March 26, 2018

  • Periodic Ubuntu Trusty stemcell bump (March 26/27, 2018)

3421.43

Available in Pivotal Network

Release Date: March 12, 2018

  • Periodic Ubuntu Trusty stemcell bump (March 12, 2018)

3421.42

Available in Pivotal Network

Release Date: February 22, 2018

  • Bump Ubuntu Trusty stemcells for USN-3582-2: Linux kernel (Xenial HWE) vulnerabilities

3421.39

Release Date: February 05, 2018

  • [Feb 5] Periodic stemcell bump

3421.38

Available in Pivotal Network

Release Date: January 23, 2018

3421.37

Available in Pivotal Network

Release Date: January 17, 2018

  • Bump Ubuntu Trusty stemcells for USN-3534-1: GNU C Library vulnerabilities

3421.36

Available in Pivotal Network

Release Date: January 10, 2018

3421.35

Available in Pivotal Network

Release Date: January 10, 2018

3421.34

Available in Pivotal Network

Release Date: December 08, 2017

  • Bump Ubuntu Trusty stemcell USN-3509-2: Linux kernel (Xenial HWE) vulnerabilities

3421.33

Release Date: December 06, 2017

  • Bump Ubuntu Trusty stemcells for USN-3505-1: Linux firmware vulnerabilities

3421.32

Available in Pivotal Network

Release Date: November 21, 2017

  • Periodic Ubuntu stemcells update

3421.20

Available in Pivotal Network

Release Date: August 16, 2017

3421.19

Available in Pivotal Network

Release Date: August 11, 2017

3421.18

Available in Pivotal Network

Release Date: August 03, 2017

3421.11

Release Date: June 29, 2017

  • Bump Ubuntu stemcells for USN-3344-2: Linux kernel (Xenial HWE) vulnerabilities

3421.9

Available in Pivotal Network

Release Date: June 21, 2017

  • Bump Ubuntu stemcells for USN-3334-1: Linux kernel (Xenial HWE) vulnerabilities

3421.6

Release Date: June 09, 2017

  • Bump Ubuntu stemcells for USN-3312-2 - Linux kernel vulnerabilities

3421.4

Release Date: June 01, 2017

  • Bump CentOS stemcells for CESA-2017:1382 - sudo vulnerability

3421.3

Available in Pivotal Network

Release Date: May 30, 2017

  • Bump Ubuntu stemcells for USN-3304-1: Sudo vulnerability

3421

Release Date: May 22, 2017

New:

  • Added env.bosh.remove_static_libraries (bool) to remove static libraries
    • Useful to enable this option when exporting compiled releases
  • Added env.bosh.ipv6.enable (bool) to remove ipv6.disable kernel functionality at bootup time

Fixes:

  • Fixed sysstat logging
  • Fixed anacron’s RANDOM_DELAY configuration

Bumps:

  • Bumped s3cli v0.0.60
    • Updated aws-sdk-go to solve network timeout edge case
  • Bumped davcli v0.0.19
    • Use TCP keep alive to solve network timeout edge case
  • Bumped bosh-agent v0.0.35
    • Add -v to the Agent binary
    • Prepared sync_dns action to work with future Director’s DNS integration

3363.x

This section includes release notes for the 3363 line of Linux stemcells used with Pivotal Cloud Foundry (PCF).

3363.65

Available in Pivotal Network

Release Date: June 18, 2018

  • Periodic Ubuntu Trusty stemcell bump (July 18, 2018)

3363.64

Release Date: June 04, 2018

  • Periodic Ubuntu Trusty stemcell bump (June 4, 2018)

3363.63

Available in Pivotal Network

Release Date: May 23, 2018

  • Bump Ubuntu Trusty stemcells for “USN-3654-2: Linux kernel (Xenial HWE) vulnerabilities”

3363.62

Release Date: May 21, 2018

  • Periodic Ubuntu Trusty stemcell bump (May 21, 2018)

3363.61

Available in Pivotal Network

Release Date: May 09, 2018

  • Bump Ubuntu Trusty stemcells for “USN-3641-1: Linux kernel vulnerabilities”

3363.60

Available in Pivotal Network

Release Date: May 07, 2018

  • Ubuntu Trusty stemcells periodic update (May 7, 2018)

3363.53

Available in Pivotal Network

Release Date: April 06, 2018

  • Bump Ubuntu Trusty stemcells for USN-3619-2: Linux kernel (Xenial HWE) vulnerabilities

3363.52

Available in Pivotal Network

Release Date: March 26, 2018

  • Periodic Ubuntu Trusty stemcell bump (March 26/27, 2018)

3363.51

Available in Pivotal Network

Release Date: March 12, 2018

  • Periodic Ubuntu Trusty stemcell bump (March 12, 2018)

3363.50

Available in Pivotal Network

Release Date: February 22, 2018

  • Bump Ubuntu Trusty stemcells for USN-3582-2: Linux kernel (Xenial HWE) vulnerabilities

3363.49

Release Date: February 05, 2018

  • [Feb 5] Periodic stemcell bump

3363.48

Available in Pivotal Network

Release Date: January 23, 2018

3363.47

Available in Pivotal Network

Release Date: January 17, 2018

  • Bump Ubuntu Trusty stemcells for USN-3534-1: GNU C Library vulnerabilities

3363.46

Available in Pivotal Network

Release Date: January 10, 2018

3363.45

Available in Pivotal Network

Release Date: January 10, 2018

3363.44

Available in Pivotal Network

Release Date: December 08, 2017

  • Bump Ubuntu Trusty stemcell USN-3509-2: Linux kernel (Xenial HWE) vulnerabilities

3363.43

Release Date: December 06, 2017

  • Bump Ubuntu Trusty stemcells for USN-3505-1: Linux firmware vulnerabilities

3363.42

Available in Pivotal Network

Release Date: November 21, 2017

  • Periodic Ubuntu stemcells update

3363.24

Available in Pivotal Network

Release Date: May 17, 2017

  • Periodic Ubuntu stemcells update

3363.22

Release Date: May 11, 2017

  • Periodic Ubuntu stemcells update
  • Run cron in BOSH Lite stemcells so that logrotation is performed

3363.20

Available in Pivotal Network

Release Date: April 25, 2017

  • Bump Ubuntu stemcells for USN-3265-2: Linux kernel (Xenial HWE) vulnerabilities

3363.19

Release Date: April 17, 2017

  • Periodic bump for CentOS stemcells to include CESA-2017:0933
  • Disable IPv6 through /proc/cmdline to eliminate possibilty of listening on tcp6/udp6

3363.15

Available in Pivotal Network

Release Date: April 05, 2017

  • Bump Ubuntu stemcells for USN-3256-2: Linux kernel (HWE) vulnerability

Misc:

  • Made AWS AMI backing snapshot public to support encryption of boot disks

3363.14

Available in Pivotal Network

Release Date: March 30, 2017

  • Bump Ubuntu stemcells for USN-3249-2: Linux kernel (Xenial HWE) vulnerability

3363.10

Available in Pivotal Network

Release Date: March 08, 2017

  • Bumps Ubuntu stemcells for USN-3220-2: Linux kernel (Xenial HWE) vulnerability

3363.9

Release Date: February 22, 2017

Changes: - Bumps Ubuntu stemcells for USN-3208-2: Linux kernel (Xenial HWE) vulnerabilities - Fixes excessive “out of memory” errors in kernel - https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1655842 - Fixes regression to rsyslog by locking it down again to rsyslog 8.22.0

Agent: - Fixes Azure stemcell persistent disk formatting - Fixes Warden stemcells SSH access

3363.1

Release Date: February 15, 2017

Reported Problems: - DO NOT USE azure stemcell as it may cause data loss. - rsyslog version updated to 8.24.0, regressing on issue #1537 - Out of memory errors still exists in Kernel 4.4.0.62 - will be fixed around Feb 20.

Changes: - Fixes double -hvm- suffix problem for AWS Light stemcells

3363

Release Date: February 15, 2017

Reported Problems: - DO NOT USE azure stemcell as it may cause data loss. - Out of memory errors still exists in Kernel 4.4.0.62 - will be fixed around Feb 20. - rsyslog version updated to 8.24.0, regressing on issue #1537 - AWS Light stemcell has incorrect name once imported - BOSH SSH does not work on BOSH Lite

Changes: - Add more auditd rules - Fix CentOS initramfs to load necessary kernel modules - Disable boot loader login - Increasing tcp_max_sync_backlog - Disabling any DSA host keys - Add bosh_sshers group and assign it to vcap user - Only allow users in bosh_sshers group to SSH

Agent: - Log Agent API access events in CEF format to syslog (vcap.agent topic) - Allow configuring swap size through env.bosh.swap_size (example: env.bosh.swap_size: 0) - Prepare for SHA2 releases - Allow setting fetching to work with base64 encoded user data - Do not delaycompress in logrotate

3312.x

This section includes release notes for the 3312 line of Linux stemcells used with Pivotal Cloud Foundry (PCF).

3312.51

Available in Pivotal Network

Release Date: January 23, 2018

3312.50

Available in Pivotal Network

Release Date: January 10, 2018

3312.49

Available in Pivotal Network

Release Date: January 09, 2018

3312.48

Available in Pivotal Network

Release Date: December 08, 2017

  • Bump Ubuntu Trusty stemcell USN-3509-2: Linux kernel (Xenial HWE) vulnerabilities

3312.47

Release Date: December 06, 2017

  • Bump Ubuntu Trusty stemcells for USN-3505-1: Linux firmware vulnerabilities

3312.46

Available in Pivotal Network

Release Date: November 21, 2017

  • Periodic Ubuntu stemcells update

3312.17

Release Date: January 31, 2017

Reported Problems: - Memory leak bug in Kernel 4.4.0-59

Changes: - Periodic stemcell update

3312.15

Release Date: January 12, 2017

Reported Problems: - Memory leak bug in Kernel 4.4.0-59

Changes: - Periodic stemcell update

3312.12

Available in Pivotal Network

Release Date: December 20, 2016

3312.9

Available in Pivotal Network

Release Date: December 15, 2016

3312.8

Release Date: December 14, 2016

  • Bumps Ubuntu stemcells for USN-3156-1: APT vulnerability

3312.7

Release Date: December 06, 2016

3312.6

Release Date: December 02, 2016

  • Periodic stemcell update

3312.3

Release Date: November 30, 2016

  • Periodic stemcell update
    • Includes USN-3134-1 as requested by a community member

3312

Release Date: November 16, 2016

  • Properly includes libpam_cracklib.so to avoid errors in /var/log/auth.log

3309.x

This section includes release notes for the 3309 line of Linux stemcells used with Pivotal Cloud Foundry (PCF).

3309

Release Date: November 10, 2016

  • Fixes persistent disk mounting on OpenStack described in Stemcell 3308

3308.x

This section includes release notes for the 3308 line of Linux stemcells used with Pivotal Cloud Foundry (PCF).

3308

Release Date: November 09, 2016

Reported Problems: - On OpenStack: Mounting persistent disks not working when using config-drive: disk while nova is configured to use a cdrom config-drive due to https://github.com/cloudfoundry/bosh/issues/1503

Fixes: - Fixes SSH key installation issue introduced in Stemcell 3306

3306.x

This section includes release notes for the 3306 line of Linux stemcells used with Pivotal Cloud Foundry (PCF).

3306

Release Date: November 08, 2016

Reported Problems - bosh-init doesn’t work with this stemcell on OpenStack and AWS due to https://github.com/cloudfoundry/bosh/issues/1500 - Booting the stemcell image directly in you IaaS (without using BOSH/bosh-init) does no longer provision the ssh key for user vcap, so you need to login differently

Changes - Agent will now wait for monit to complete stop all processes before carrying on - Added google stemcells - Default dmesg_restrict to 1 - Disable all IPv6 configurations - Reenabled UDF kernel module for Azure - Increase root_maxkeys and maxkeys kernel configurations - Changed default hostname to bosh-stemcell instead of localhost to avoid boot problems on GCP - Lower TCP keepalive configuration by default - Mount /var/log directory to /var/vcap/data/root_log - Restrict Access to the su command - Add pam_cracklib requirements to common-password and password-auth - Enable auditing for processes that start prior to auditd - Set log rotation interval to 15 min in stemcell - Made ownership & permissions for /etc/cron* files more restrictive - Customize shell prompt to show instance name and ID - Removed floppy drives from vSphere stemcells - Removed bosh micro assets hence making bosh micro unsupported

Misc: - Stemcells are now built through Concourse via https://main.bosh-ci.cf-app.com/teams/main/pipelines/bosh:stemcells

3263.x

This section includes release notes for the 3263 line of Linux stemcells used with Pivotal Cloud Foundry (PCF).

3263.10

Release Date: November 03, 2016

  • Updates CentOS kernel to the latest version for “Dirty COW”
    • Ubuntu stemcells were updated in previous versions at the time of Ubuntu USN updates
  • Includes fix to the bosh-agent to better support 1TB+ disk partitioning

3263.8

Available in Pivotal Network

Release Date: October 21, 2016

  • Bump Ubuntu stemcells for USN-3106-2: Linux kernel (Xenial HWE) vulnerability
  • Includes a fix to the bosh-agent to work more reliably with 2TB+ persistent disks

3263.7

Available in Pivotal Network

Release Date: October 12, 2016

  • Bump Ubuntu stemcells for USN-3099-2: Linux kernel (Xenial HWE) vulnerabilities

3263.5

Release Date: September 30, 2016

  • Periodic bump
  • Delay start of rsyslogd using systemd on CentOS

3263.4

Release Date: September 28, 2016

  • google-kvm: improve the google-* daemon configurations
    • fixes ssh: handshake failed errors on boot

3263.3

Available in Pivotal Network

Release Date: September 26, 2016

  • Bumps Ubuntu stemcells for USN-3087-2 (OpenSSL regression)

3263

Release Date: September 19, 2016

  • Bumps Ubuntu to Linux kernel to 4.4

Based on 3262 stemcells. Note: OpenStack stemcells series 3263 is broken due to https://github.com/cloudfoundry/bosh-agent/issues/98 and should not be used

3262.x

This section includes release notes for the 3262 line of Linux stemcells used with Pivotal Cloud Foundry (PCF).

3262.21

Available in Pivotal Network

Release Date: October 13, 2016

  • Bump Ubuntu stemcells for USN-3099-2: Linux kernel (Xenial HWE) vulnerabilities

3262.19

Available in Pivotal Network

Release Date: September 28, 2016

  • google-kvm: improve the google-* daemon configurations
    • fixes ssh: handshake failed errors on boot

3262.16

Available in Pivotal Network

Release Date: September 26, 2016

  • Bumps Ubuntu stemcells for USN-3087-2 (OpenSSL regression)

3262.15

Release Date: September 23, 2016

  • Bumps Ubuntu stemcells for USN-3087-1: OpenSSL vulnerabilities

3233.x

This section includes release notes for the 3233 line of Linux stemcells used with Pivotal Cloud Foundry (PCF).

3233.1

Available in Pivotal Network

Release Date: September 27, 2016

  • Bumps Ubuntu stemcells for USN-3087-2 (OpenSSL regression)

USN-3522-2 Addresses Meltdown Vulnerabilities

Meltdown exploits critical vulnerabilities in modern processors. For more information about Meltdown, see the Meltdown and Spectre Attacks blog post. USN-3522-2 addresses the critical vulnerability in Ubuntu associated with Meltdown.

This update may include degradations to performance if your VM’s CPU and memory usage are currently at near-capacity levels. Prior to upgrading to this stemcell, monitor your PCF VM’s current CPU and memory usage and scale those components if necessary. If any of your VMs are currently operating at 60% or above, Pivotal recommends scaling that VM. For more information about the performance impact of Meltdown-related stemcell patches on PCF components and guidance on scaling, see this KB article.

For more information about monitoring and scaling PCF, see the Monitoring PCF VMs from Ops Manager, Key Capacity Scaling Indicators, and Scaling PAS topics. Performance degradation is likely to vary by workload type, IaaS, and other factors. Pivotal recommends testing your deployment thoroughly after upgrading to this stemcell.

3232.x

This section includes release notes for the 3232 line of Linux stemcells used with Pivotal Cloud Foundry (PCF).

3232.21

Available in Pivotal Network

Release Date: September 26, 2016

  • Bumps Ubuntu stemcells for USN-3087-2 (OpenSSL regression)

97.x

This section includes release notes for the 97 line of Linux stemcells used with Pivotal Cloud Foundry (PCF).

97.5

Release Date: August 08, 2018

Bump Ubuntu Xenial stemcells for “USN-3732-2: Linux kernel (HWE) vulnerability”

97.3

Release Date: July 30, 2018

Periodic Ubuntu Xenial stemcell bump (July 31, 2018)

87.x

This section includes release notes for the 87 line of Linux stemcells used with Pivotal Cloud Foundry (PCF).

87.4

Release Date: July 16, 2018

Periodic Ubuntu Xenial stemcell bump (July 16, 2018)

87.3

Release Date: July 11, 2018

Periodic Ubuntu Xenial stemcell bump (July 12, 2018)

87

Release Date: July 02, 2018

Periodic Ubuntu Xenial stemcell bump (July 2, 2018)

81.x

This section includes release notes for the 81 line of Linux stemcells used with Pivotal Cloud Foundry (PCF).

81

Release Date: June 19, 2018

  • Periodic Ubuntu Xenial stemcell bump (June 18, 2018)

60.x

This section includes release notes for the 60 line of Linux stemcells used with Pivotal Cloud Foundry (PCF).

60

Release Date: June 04, 2018

  • Periodic Ubuntu Xenial stemcell bump (June 4, 2018)

50.x

This section includes release notes for the 50 line of Linux stemcells used with Pivotal Cloud Foundry (PCF).

50

Release Date: May 23, 2018

  • Light stemcells are available

40.x

This section includes release notes for the 40 line of Linux stemcells used with Pivotal Cloud Foundry (PCF).

40

Release Date: May 22, 2018

  • First release of Ubuntu Xenial stemcells
  • Notable differences from Ubuntu Trusty
    • Includes systemd instead of upstart
    • Includes 4.15 Linux Kernel instead of 4.4
    • Uses chronyd to sync time (runs as a daemon) instead of ntpdate
    • Does not include NFS utils by default

Warning: Do not downgrade instances from Ubuntu Xenial to Ubuntu Trusty stemcells as it may corrupt persistent disk content since Trusty stemcells may decide to use sfdisk partitioner instead of parted partitioner selected by Xenial stemcells.

Create a pull request or raise an issue on the source for this page in GitHub