Releases: cloudfoundry/bosh-windows-stemcell-builder
Releases · cloudfoundry/bosh-windows-stemcell-builder
1803.1
Features
- This is the first 1803 stemcell that we are publishing!
- Intended to use with August 2018 Microsoft Security Updates.
- Includes an important Microsoft Security Update that provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF). More details here
- Compatible with the latest stable OpenSSH version - OpenSSH_for_Windows_v7.7.2.0p1
1200.23
Features
- Intended to use with August 2018 Microsoft Security Updates.
- Includes an important Microsoft Security Update that provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF). More details here
- Compatible with the latest stable OpenSSH version - OpenSSH_for_Windows_v7.7.2.0p1
Security Updates
- Disabled use TLS 1.0 by SSL/TLS Server, Client
- Disabled RC4, DCOM
- Disabled triple-DES cipher to mitigate against Sweet32: Birthday attacks on 64-bit block ciphers in TLS.
1709.12
Features
- Intended to use with August 2018 Microsoft Security Updates.
- Includes an important Microsoft Security Update that provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF). More details here
- Compatible with the latest stable OpenSSH version - OpenSSH_for_Windows_v7.7.2.0p1-Beta
1200.22
Features
- Intended to use with July 2018 Microsoft Security Updates
- Intended to use with Security and Quality Rollup updates for .NET Framework
1709.11
Features
- Intended to use with July 2018 Microsoft Security Updates
- 1709 for AWS will be published on bosh.io for the first time with 1709.11
Bug Fix
- There were a few 2012R2 L-1 CIS Policies that were applied to 1709 as well. We have removed them, and would add the right corresponding 1709 L-1 CIS Policies in the future stemcell versions.
1709.10
1200.21
Improvements
- Includes CIS MS-L1 v2.2.1 security hardening for the public IaaSes (Azure, AWS and GCP)
- Intended to use with June 2018 Microsoft security updates
1709.9
Features
- With the release of official 1709 AWS AMI, we will be publishing the 1709 AWS Stemcell on bosh.io 1709.11 onwards.
Bug Fix
- Updated the bosh-davcli and the bosh-s3cli to the latest.
- Repairs NTP. Specifically, run time sync command via Powershell to strip quotes from NTP server (https://www.pivotaltracker.com/n/projects/1479998/stories/157879237)
1200.20
Bug Fix
- Updated the bosh-davcli and the bosh-s3cli to the latest to enable the OpsManager TLS Blobstore feature for PASW and PASW 2012R2
- Repairs NTP. Specifically, run time sync command via Powershell to strip quotes from NTP server (https://www.pivotaltracker.com/n/projects/1479998/stories/157879237)