forked from xtreme-sameer-vohra/docs-stemcell-rn
-
Notifications
You must be signed in to change notification settings - Fork 0
/
windows-stemcell-v1709x.html.md.erb
214 lines (121 loc) · 9.7 KB
/
windows-stemcell-v1709x.html.md.erb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
---
title: Stemcell v1709.x (Windows Server version 1709) Release Notes
owner: Windows
---
This topic includes release notes for Windows stemcells used with Pivotal Application Service for Windows (PASW).
To download a stemcell, see [Stemcells for PCF (Windows)](https://network.pivotal.io/products/stemcells-windows-server) on Pivotal Network.
<p class="note"><strong>Note</strong>: The Windows stemcell v1709.x line is compatible with PASW v2.1 and v2.2.</p>
## <a id="1709.19"></a>1709.19
### Features
- Includes [March 2019 Microsoft Security Updates](https://support.microsoft.com/en-us/help/4489886).
### Bug Fix
- Disabled additional configuration related to NetBios. See the Pivotal Tracker [story](https://www.pivotaltracker.com/story/show/163772249).
## <a id="1709.18"></a>1709.18
**Release Date**: March 1, 2019
- **[Patches]** Included [February Patch Tuesday Microsoft Security Updates](https://support.microsoft.com/en-us/help/4486996).
## <a id="1709.17"></a>1709.17
**Release Date**: January 24, 2019
- **[Patches]** Included [January Patch Tuesday Microsoft Security Updates](https://support.microsoft.com/en-us/help/4480978).
- Added [fix](https://support.microsoft.com/en-us/help/4072698/windows-server-speculative-execution-side-channel-vulnerabilities-prot) for mitigating CVE-2018-3639.
## <a id="1709.16"></a>1709.16
**Release Date**: December 24, 2018
### Features
- **[Patches]** Included [December Patch Tuesday Microsoft Security Updates](https://support.microsoft.com/en-us/help/4471329).
- Added the BOSH API version in the stemcell to surface more information about the compatibility of the stemcell with BOSH.
### Bug Fix
- BOSH release job symlinks were not getting cleaned up when a target folder was removed. This issue is resolved.
## <a id="1709.15"></a>1709.15
**Release Date**: November 28, 2018
### Features
- **[Security]** Disabled use of TLS 1.0 by SSL/TLS server and client.
- **[Security]** Disabled RC4.
- **[Security]** Disabled triple-DES cipher to mitigate against Sweet32: Birthday attacks on 64-bit block ciphers in TLS.
- **[Patches]** Intended for use with [November 2018 Patch Tuesday Microsoft Security Updates](https://support.microsoft.com/en-in/help/4467686/windows-10-update-kb4467686).
- **[New IaaS Support]** Added support for AWS GovCloud.
## <a id="1709.14"></a>1709.14
**Release Date**: October 30, 2018
### Features
- Intended for use with [October 2018 Microsoft Security Updates](https://support.microsoft.com/en-us/help/4462918/windows-10-update-kb4462918).
- Disables RDP by default to improve security of the 1709 stemcells. You can still enable RDP through the PASW Tile Configuration.
### Bug Fix
- Intermittent "Access denied" errors occur during the compilation phase of PASW deployments. We have added a fix to potentially resolve them.
- Fixed the Ephemeral Disk Provisioning for Azure enabling compatibility of PASW's ephemeral disk functionality with OpsMgr on Azure.
## <a id="1709.13"></a>1709.13
**Release Date**: September 24, 2018
### Features
- Includes ephemeral disk support.
This enables you to configure the size of your Windows cells in the PAS for Windows tile.
For more information, see the [Configure Tile Resources](https://docs.pivotal.io/pivotalcf/2-1/windows/installing.html#resources) section
in _Installing and Configuring PAS for Windows_.
- Intended for use with [September 2018](https://support.microsoft.com/en-ca/help/4457142/windows-10-update-kb4457142) Microsoft Security Updates.
### Bug Fix
- Previously, the `os_version` argument was mandatory during the `Invoke-Sysprep` step.
The OS is now detected by default, and the `os_version` argument is optional.
### Known Issues
- For Google Cloud Platform (GCP) users, a bug in PASW causes outbound connections from applications deployed on PASW with this stemcell version to fail. The resolution will come in patch versions of PASW v2.1, v2.2 and v2.3.
## <a id="1709.12"></a>1709.12
**Release Date**: August 27, 2018
### Features
- Intended for use with the [August 2018](https://support.microsoft.com/en-us/help/4343897/windows-10-update-kb4343897) Microsoft Security Updates.
- Includes an important Microsoft Security Update that provides protections against a new speculative execution side-channel vulnerability known as L1 Terminal Fault (L1TF). For more information, see [Windows Support](https://support.microsoft.com/en-us/help/4343897/windows-10-update-kb4343897).
- Compatible with the latest stable OpenSSH version, `OpenSSH_for_Windows_v7.7.2.0p1-Beta`. This version fixed the issue of OpenSSH logs filling up the disk.
### Bug Fix
- Deployment of PASW fails due to "Access is Denied" error during compilation of packages on the Windows VM.
## <a id="1709.11"></a>1709.11
**Release Date**: August 2, 2018
### Features
This is the first official release of the 1709 stemcell for Amazon Web Services (AWS). PASW can be deployed on AWS going forward.
### Improvements
This release incorporates [Patch Tuesday July 2018](https://support.microsoft.com/en-us/help/4338825) security updates.
### Bug Fix
Previously, when operators selected the **Encrypt Linux EBS Volumes** checkbox in the IaaS-specific configuration section of the BOSH Director tile, the deployment of PASW would fail.
This release enables operators to select the **Encrypt Linux EBS Volumes** checkbox without the deployment of PASW failing. However, only Linux VMs will be encrypted, not Windows VMs.
### vSphere Stemcell
The source code and other assets are available on [GitHub](https://github.com/cloudfoundry-incubator/bosh-windows-stemcell-builder/releases/tag/1709.11).
## <a id="1709.10"></a>1709.10
**Release Date**: June 27, 2018
### Bug Fix
* Updated the bosh-davcli and the bosh-s3cli to the latest.
* Repairs NTP. Specifically, run time sync command via Powershell to strip quotes from NTP server. See the Pivotal Tracker [story](https://www.pivotaltracker.com/n/projects/1479998/stories/157879237).
The source code and other assets are available on [GitHub](https://github.com/cloudfoundry-incubator/bosh-windows-stemcell-builder/releases/tag/1709.10).
## <a id="1709.8"></a>1709.8
**Release Date**: June 1, 2018
### Bug Fix
* Includes a fix to support syncing as stated by Microsoft even when the time is drastically off.
The source code and other assets are available on [GitHub](https://github.com/cloudfoundry-incubator/bosh-windows-stemcell-builder/releases/tag/1709.8).
## <a id="1709.7"></a>1709.7
**Release Date**: May 24, 2018
### Improvements
* Disabled root disk resizing for the 1709 AWS stemcell.
The source code and other assets are available on [GitHub](https://github.com/cloudfoundry-incubator/bosh-windows-stemcell-builder/releases/tag/1709.7).
## <a id="1709.6"></a>1709.6
**Release Date**: May 18, 2018
### Improvements
* Intended for use with [May 2018](https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/a82328f9-1f26-e811-a968-000d3a33a34d) Microsoft security updates.
The source code and other assets are available on [GitHub](https://github.com/cloudfoundry-incubator/bosh-windows-stemcell-builder/releases/tag/1709.6).
## <a id="1709.5"></a>1709.5
**Release Date**: May 8, 2018
### Improvements
* Intended for use with [April 2018](https://support.microsoft.com/en-us/help/4093121/windows-81-update-kb4093121) Microsoft security updates.
* Disabled root disk resizing and provided large root disks by default. For more information, see [Windows Stemcells v1709.5-v1709.12](https://docs.pivotal.io/pivotalcf/2-1/windows/installing.html#1709-5) in _Installing and Configuring PAS for Windows_.
The source code and other assets are available on [GitHub](https://github.com/cloudfoundry-incubator/bosh-windows-stemcell-builder/releases/tag/1709.5).
## <a id="1709.4"></a>1709.4
**Release Date**: March 20, 2018
### Note
* You must **enable** the Meltdown and Spectre patch for it to function. See
[Creating a vSphere Stemcell by Hand](https://github.com/cloudfoundry-incubator/bosh-windows-stemcell-builder/wiki/Creating-a-vSphere-Stemcell-by-Hand) in GitHub for instruction to enable the patch.
### Improvements
* Intended for use with March 2018 Microsoft security updates.
* Intended for use with [KB4056892](https://support.microsoft.com/en-us/help/4056892) that addresses Microsoft's guidance for protection against [speculative execution side-channel vulnerabilities](https://support.microsoft.com/en-gb/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution). See Microsoft's _Known Issues_ listed in the [KB article](https://support.microsoft.com/en-us/help/4056892) for the patch.
Source code and other assets on [GitHub](https://github.com/cloudfoundry-incubator/bosh-windows-stemcell-builder/releases/tag/1709.4).
## <a id="1709.3"></a>1709.3
**Release Date**: February 21, 2018
### Note
* You must **enable** the Meltdown and Spectre patch for it to function. See
[Creating a vSphere Stemcell by Hand](https://github.com/cloudfoundry-incubator/bosh-windows-stemcell-builder/wiki/Creating-a-vSphere-Stemcell-by-Hand) in GitHub for instruction to enable the patch.
### Improvements
* Intended for use with February 2018 Microsoft security updates.
* Intended for use with [KB4056892](https://support.microsoft.com/en-us/help/4056892) that addresses Microsoft's guidance for protection against [speculative execution side-channel vulnerabilities](https://support.microsoft.com/en-gb/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution). See Microsoft's _Known Issues_ listed in the [KB article](https://support.microsoft.com/en-us/help/4056892) for the patch.
### Fixes
* Fix BOSH ssh when stemcell is operating as a Diego Cell.
Source code and other assets on [GitHub](https://github.com/cloudfoundry-incubator/bosh-windows-stemcell-builder/releases/tag/1709.3).