Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merge 2477 #2511

Merged
merged 4 commits into from
Jun 4, 2024
Merged

Merge 2477 #2511

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
e308554
Update env-vars-pages.md
boris-ning-usds Mar 18, 2024
29822dd
fix broken links
markdboyd Jun 4, 2024
442c6c1
more link fixes
markdboyd Jun 4, 2024
61eeb8b
fix link
markdboyd Jun 4, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion _pages/pages/documentation/env-vars-pages.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -35,4 +35,4 @@ Certain environment variable names are reserved for Pages use and will be ignore

Pages is a **FISMA Low** system, do NOT store variables for systems that are Moderate or High, and only expose variables if it is safe to do so. You assume the risk if the values you add contain, or allow access to information that is not suitable for this categorization. See [FISMA Security Categorization](https://csrc.nist.gov/projects/risk-management/fisma-background) for more information on FISMA information categorization.

![Image of environment variable settings]({{site.baseurl}}/assets/images/pages/env-vars.png)
![Image of environment variable settings]({{site.baseurl}}/assets/images/pages/env_var.png)
4 changes: 2 additions & 2 deletions _posts/2016-11-18-release-notes.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,5 +22,5 @@ Curious what’s new that you might find helpful as a cloud.gov application deve
### Security
You can [restage](https://docs.cloudfoundry.org/devguide/deploy-apps/start-restart-restage.html#restage) your application to incorporate the latest security fixes and ensure you’re running the most recent language version supported.

- The PHP buildpack update addresses [USN-3095-1](https://www.ubuntu.com/usn/usn-3095-1/) (assorted PHP vulnerabilities) with PHP 5.6.27 and 7.0.12. The associated CVEs are [CVE-2016-7124](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7124), [CVE-2016-7125](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7125), [CVE-2016-7127](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7127), [CVE-2016-7128](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7128), [CVE-2016-7129](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7129), [CVE-2016-7130](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7130), [CVE-2016-7131](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7131), [CVE-2016-7132](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7132), [CVE-2016-7133](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7133), [CVE-2016-7134](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7134), [CVE-2016-7411](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7411), [CVE-2016-7412](https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7412), [CVE-2016-7413](https://ubuntu.com/security/CVE-2016-7413), [CVE-2016-7414](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7414), [CVE-2016-7416](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7416), [CVE-2016-7417](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7418), [CVE-2016-7418](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7418)
- The Node buildpack update addresses [USN-3087-1](https://www.ubuntu.com/usn/usn-3087-1/) (assorted OpenSSL vulnerabilities) with node 6.8.1 and 6.9.0. The associated CVEs are [CVE-2016-2177](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-2177), [CVE-2016-2178](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-2178), [CVE-2016-2179](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-2179), [CVE-2016-2180](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-2180), [CVE-2016-2181](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-2181), [CVE-2016-2182](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-2182), [CVE-2016-2183](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-2183), [CVE-2016-6302](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6302), [CVE-2016-6303](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6303), [CVE-2016-6304](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6304), [CVE-2016-6306](https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6306)
- The PHP buildpack update addresses [USN-3095-1](https://www.ubuntu.com/usn/usn-3095-1/) (assorted PHP vulnerabilities) with PHP 5.6.27 and 7.0.12. The associated CVEs are [CVE-2016-7124](https://ubuntu.com/security/CVE-2016-7124), [CVE-2016-7125](https://ubuntu.com/security/CVE-2016-7125), [CVE-2016-7127](https://ubuntu.com/security/CVE-2016-7127), [CVE-2016-7128](https://ubuntu.com/security/CVE-2016-7128), [CVE-2016-7129](https://ubuntu.com/security/CVE-2016-7129), [CVE-2016-7130](https://ubuntu.com/security/CVE-2016-7130), [CVE-2016-7131](https://ubuntu.com/security/CVE-2016-7131), [CVE-2016-7132](https://ubuntu.com/security/CVE-2016-7132), [CVE-2016-7133](https://ubuntu.com/security/CVE-2016-7133), [CVE-2016-7134](https://ubuntu.com/security/CVE-2016-7134), [CVE-2016-7411](https://ubuntu.com/security/CVE-2016-7411), [CVE-2016-7412](https://ubuntu.com/security/CVE-2016-7412), [CVE-2016-7413](https://ubuntu.com/security/CVE-2016-7413), [CVE-2016-7414](https://ubuntu.com/security/CVE-2016-7414), [CVE-2016-7416](https://ubuntu.com/security/CVE-2016-7416), [CVE-2016-7417](https://ubuntu.com/security/CVE-2016-7418), [CVE-2016-7418](https://ubuntu.com/security/CVE-2016-7418)
- The Node buildpack update addresses [USN-3087-1](https://www.ubuntu.com/usn/usn-3087-1/) (assorted OpenSSL vulnerabilities) with node 6.8.1 and 6.9.0. The associated CVEs are [CVE-2016-2177](https://ubuntu.com/security/CVE-2016-2177), [CVE-2016-2178](https://ubuntu.com/security/CVE-2016-2178), [CVE-2016-2179](https://ubuntu.com/security/CVE-2016-2179), [CVE-2016-2180](https://ubuntu.com/security/CVE-2016-2180), [CVE-2016-2181](https://ubuntu.com/security/CVE-2016-2181), [CVE-2016-2182](https://ubuntu.com/security/CVE-2016-2182), [CVE-2016-2183](https://ubuntu.com/security/CVE-2016-2183), [CVE-2016-6302](https://ubuntu.com/security/CVE-2016-6302), [CVE-2016-6303](https://ubuntu.com/security/CVE-2016-6303), [CVE-2016-6304](https://ubuntu.com/security/CVE-2016-6304), [CVE-2016-6306](https://ubuntu.com/security/CVE-2016-6306)
8 changes: 4 additions & 4 deletions _posts/2016-11-30-release-notes.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ Curious what’s new that you might find helpful as a cloud.gov application deve
### Security
The base filesystem used for running your application has been updated to address several security vulnerabilities. You can [restage your application](http://cli.cloudfoundry.org/en-US/cf/restage.html) to ensure you [incorporate fixes in the base filesystem](https://docs.cloudfoundry.org/devguide/deploy-apps/stacks.html#cli-commands) and are running the most recent language version supported by your [buildpack](https://docs.cloudfoundry.org/buildpacks/).

- [USN-3116-1: DBus vulnerabilities](https://www.ubuntu.com/usn/usn-3116-1/). The associated CVE is [CVE-2015-0245](https://people.canonical.com/~ubuntu-security/cve/2015/CVE-2015-0245)
- [USN-3117-1: GD library vulnerabilities](https://www.ubuntu.com/usn/usn-3117-1/). The associated CVEs are [CVE-2016-6911](https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-6911), [CVE-2016-7568](https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7568), [CVE-2016-8670](https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-8670)
- [USN-3119-1: Bind vulnerability](https://www.ubuntu.com/usn/usn-3119-1/). The associated CVE is [CVE-2016-8864](https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-8864)
- [USN-3123-1: curl vulnerabilities](https://www.ubuntu.com/usn/usn-3123-1/). The associated CVEs are [CVE-2016-7141](https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7141), [CVE-2016-7167](https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7167), [CVE-2016-8615](https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-8615), [CVE-2016-8616](https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-8616), [CVE-2016-8617](https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-8617), [CVE-2016-8618](https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-8618), [CVE-2016-8619](https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-8619), [CVE-2016-8620](https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-8620), [CVE-2016-8621](https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-8621), [CVE-2016-8622](https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-8622), [CVE-2016-8623](https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-8623), [CVE-2016-8624](https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-8624)
- [USN-3116-1: DBus vulnerabilities](https://www.ubuntu.com/usn/usn-3116-1/). The associated CVE is [CVE-2015-0245](https://ubuntu.com/security/CVE-2015-0245)
- [USN-3117-1: GD library vulnerabilities](https://www.ubuntu.com/usn/usn-3117-1/). The associated CVEs are [CVE-2016-6911](https://ubuntu.com/security/CVE-2016-6911), [CVE-2016-7568](https://ubuntu.com/security/CVE-2016-7568), [CVE-2016-8670](https://ubuntu.com/security/CVE-2016-8670)
- [USN-3119-1: Bind vulnerability](https://www.ubuntu.com/usn/usn-3119-1/). The associated CVE is [CVE-2016-8864](https://ubuntu.com/security/CVE-2016-8864)
- [USN-3123-1: curl vulnerabilities](https://www.ubuntu.com/usn/usn-3123-1/). The associated CVEs are [CVE-2016-7141](https://ubuntu.com/security/CVE-2016-7141), [CVE-2016-7167](https://ubuntu.com/security/CVE-2016-7167), [CVE-2016-8615](https://ubuntu.com/security/CVE-2016-8615), [CVE-2016-8616](https://ubuntu.com/security/CVE-2016-8616), [CVE-2016-8617](https://ubuntu.com/security/CVE-2016-8617), [CVE-2016-8618](https://ubuntu.com/security/CVE-2016-8618), [CVE-2016-8619](https://ubuntu.com/security/CVE-2016-8619), [CVE-2016-8620](https://ubuntu.com/security/CVE-2016-8620), [CVE-2016-8621](https://ubuntu.com/security/CVE-2016-8621), [CVE-2016-8622](https://ubuntu.com/security/CVE-2016-8622), [CVE-2016-8623](https://ubuntu.com/security/CVE-2016-8623), [CVE-2016-8624](https://ubuntu.com/security/CVE-2016-8624)
Loading
Loading