Skip to content

Releases: pivotal/credhub-release

0.3.0

17 Oct 23:38
@pcf-sec-eng-bot pcf-sec-eng-bot
0.3.0
0b14517
Compare
Choose a tag to compare
0.3.0 Pre-release
Pre-release

Compatibility -

  • This release must use BOSH version 260.x or prior. For version 261 and later, you must use 0.4.0+.
  • CLI version 0.3.0 must be used with this release

New features -

  • Fixed CVE 2016-6655: Utility script command injection #131930061 details here
  • CEF audit logging
  • logging enhancements
  • user-provided AES key for internal encryption
  • RSA credential type (e.g. UAA JWT keys)
  • SSH credential type

[Release has been removed, as it is no longer recommended. Please install subsequent version.]

Assets 2
Loading

0.2.0

23 Sep 00:51
@pcf-sec-eng-bot pcf-sec-eng-bot
0.2.0
f6529fb
Compare
Choose a tag to compare
0.2.0 Pre-release
Pre-release

Fixes major bug that dropped the target database on re-deploy.

New features -

  • API now produces error if request includes unrecognized parameters
  • Dependencies are now vendored to static versions
  • Ability to find credentials by partial name or path search
  • Updated TLS ciphers to remove support of 'DHE-RSA-AES128-GCM-SHA256' & 'DHE-RSA-AES256-GCM-SHA384'
  • Ability to deploy with internal software encryption

[Release has been removed, as it is no longer recommended. Please install subsequent version.]

Assets 2
Loading

0.1.0 - Initial Release

08 Sep 21:27
@pcf-sec-eng-bot pcf-sec-eng-bot
0.1.0
a1fc04d
Compare
Choose a tag to compare
0.1.0 - Initial Release Pre-release
Pre-release

Initial release of the CredHub Server for alpha testing. Backward compatibility may be broken during alpha testing period, so you should check back for a new release before reporting issues.

Included Features -

  • Store arbitrary string credentials
  • Generate random string credentials (configurable params below)
    • length
    • exclude upper
    • exclude lower
    • exclude number
    • exclude special
  • Generate RSA certificates and private keys (configurable params below)
    • signing certificate authority
    • duration
    • key length
    • common name
    • subject alternative names
    • organization
    • organization unit
    • locality
    • state
    • country
  • Generate and store root CAs (same params above less CA and SAN)
  • Access control via UAA
  • Logging of all access and modification of data
  • Data storage to MySQL or PostgreSQL
  • Sensitive data encryption via HSM
  • HTTP API that conforms to BOSH config server spec

[Release has been removed, as it is no longer recommended. Please install subsequent version.]

Assets 2
Loading