Skip to main content

66.0.0

· 10 min read

Added

  • all services: a9s Public API: Introduce a9s Public API as a new framework component combining the functionality of the a9s DS API Gateway and a9s SSO Proxy. This reduces complexity and improves backup download flow. For more information, see a9s Public API.
  • all services: a9s Public API: Introduce the endpoint PATCH /v1/instances/:instance_id/broker/edit in order to allow Application Developers to more easily block or forbid Maintenance (aka Automatic) Updates. For more information, see API V1 Endpoints - Update Instance Settings.
  • all services: a9s Service Broker: Introduce the endpoint GET /v2/service_bindings/:binding_id following the specifications set in OSBAPI specification - Fetching a Service Binding.
  • all services: a9s SPIs: Provide the available custom parameters for each Service Plan. This information is used to comply with the OSBAPI specification to return the configured parameters of a Service Instance or a Service Binding. For more information, see Custom Parameters.
  • a9s PostgreSQL: Add support to the pg_squeeze extension for a9s PostgreSQL 15 and a9s PostgreSQL 17. For more information, see Metrics - pg_squeeze Requirements and Usage.
  • a9s PostgreSQL: SPI: Add ability to install pg_squeeze extension using custom parameters, and set the fn_squeezer function, allowing binding users to use the extension.
  • docs: Application Developer: Add a note clarifying that metrics are only available for a9s Parachute v2. For more information, see a9s Parachute Metrics.
  • docs: Application Developer: Add information on how to retrieve parameters of a Service Instance. For more information, see Custom Parameters.
  • docs: Application Developer: Add pg_squeeze to the list of available PostgreSQL extensions and describe its required parameters, usage and limitations. For more information, see Service Instance Metrics - Available Extensions. and Migration Matrix.
  • docs: Application Developer: a9s Service Dashboard: Add a section to explain the asynchron data retrival behaviour of the a9s Service Dashboard. For more information, see Asynchron Data in the a9s Service Dashboard.
  • docs: Platform Operator: Add a note clarifying that metrics are only available for a9s Parachute v2. For more information, see a9s Parachute Metrics.
  • docs: Platform Operator: Add an example on how to rotate the a9s Backup Manager database's encryption salts in the "a9s Data Services Administrative Tasks" page. For more information, see a9s Data Services Administrative Tasks - Rotate database encryption salts.
  • docs: Platform Operator: Restructure information regarding "Automatic Updates" in a new page with more information about the types of updates, implementation details, blocking capabilities, and important limitations. For more information, see Maintenance Updates.
  • docs: Platform Operator: a9s Prometheus: Specify ports required for the installation of a9s Prometheus. For more information, see a9s Data Services Installation - Required Ports.
  • docs: Platform Operator: a9s Service Broker: Add documentation for the new a9s Service Broker property anynines_service_broker.service_broker.redact_parameters. For more information, see a9s Service Broker - Properties.

Changed

  • breaking change all services: a9s Public API: Extend IaaS config to add Cloud Foundry System Domain Certificate to ensure secure communication between a9s Public API and Cloud Foundry. For more information, see IaaS Configuration Properties - Cloud Foundry Object.
  • breaking change all services: a9s Public API: Rename the service-dashboard BOSH Instance Group to public-api. This reflects the refactoring of a9s Dashboard API, a9s DS API Gateway, and a9s SSO Proxy into a9s Public API.
  • all services: a9s Public API: Re-enable the backup download endpoint for a9s Public API v1, after improving the download streaming flow. For more information, see API V1 Endpoints.
  • all services: a9s Service Dashboard: Restore the use of the backup download endpoint of a9s Public API V1, after re-enabling the endpoint.
  • a9s CF Service Guard: Enforce stricter code-style checks as part of ongoing security improvements.
  • docs: Application Developer: Adapt a9s Public API v1 documentation after re-enabling the endpoint for backup downloads. For more information, see API V1 Endpoints.
  • docs: Application Developer: Adapt the example cURL commands to fetch a new bearer token for each API request. For more information, see API V1 Endpoints.
  • docs: Application Developer: Clarify the relationship between the backup_id and backup_guid parameters on the "Forking a Service Instance" documentation. For more information, see Forking a Service Instance - Retrieving the Wanted Backup's ID.
  • docs: Application Developer: Restructure the page "Custom Parameters" for better readability. For more information, see Custom Parameters.
  • docs: Application Developer: Improve the information regarding Automatic (aka Maintenance) Updates in the Using a9s Service Dashboard page.
  • docs: Application Developer: a9s Service Dashboard: Update the documentation to contain further informations about the automatic reload feature. For more information, see Automatic Reload.
  • docs: Platform Operator: Rename mentions of the 'Automatic Updates' and/or 'Available Updates' to 'Maintenance Updates'. These names have been observed to be misleading, hence why they are being gradually replaced. For more information, see Maintenance Updates.
  • docs: Platform Operator: all services: Update Instance Groups from service-dashboard to public-api. For more information, see Required Ports.
  • docs: Platform Operator: a9s Parachute: Emphasize that the parachute usage limit should not be set to values >90%. For more information, see Parachute Resource Considerations.
  • docs: Platform Operator: a9s Public API: Update documentation to reflect changes to a9s Public API. For more information, see a9s Public API.
  • BOSH stemcell: all services: Update Jammy stemcell to version 1.926 for internal tests of all supported services.

Updated Dependencies

  • all services:
    • a9s DS API Gateway:
      • krakend-custom-plugins to v2.11.2.
      • krakend to v2.11.2.
    • a9s SPIs:
      • Update internal dependencies.
    • a9s Logstash:
      • a9s Logstash 8:
        • Logstash to v8.19.5.
    • nginx:
      • PCRE2 to v10.47.
      • nginx to v1.29.2.
    • routing to v0.351.0.
  • a9s Backup Services:
    • a9s Backup Agent: Bump Ruby gem dependencies.
    • a9s Backup Manager: Bump Ruby gem dependencies.
    • a9s Backup Monit: Bump Ruby gem dependencies.
  • a9s Billing:
    • routing to v0.348.0.
    • Bump Ruby gem dependencies.
  • a9s BOSH Deployer: Bump Ruby gem dependencies.
  • a9s CF Service Guard: Bump Ruby gem dependencies.
  • a9s Elasticsearch: a9s Elasticsearch SPI: Bump Ruby gem dependencies.
  • a9s MongoDB: a9s MongoDB 7: mongodb to v7.0.25.
  • a9s MySQL: a9s MySQL SPI: Bump Ruby gem dependencies.
  • a9s PostgreSQL:
    • a9s PostgreSQL SPI: Bump Ruby gem dependencies.
    • a9s PostgreSQL 13: cmake3 to v3.31.9.
    • a9s PostgreSQL 17: tiff4 to v4.7.1.
  • a9s Prometheus:
    • prometheus2:
      • bosh_exporter to v3.7.2.
      • mysqld_exporter to v0.18.0.
      • postgres_exporter to v0.18.1.
    • prometheus-legacy:
      • bosh_exporter to v3.7.2.
      • mysqld_exporter to v0.18.0.
      • postgres_exporter to v0.18.1.
    • promgraf2:
      • bosh_exporter to v3.7.2.
      • mysqld_exporter to v0.18.0.
      • postgres_exporter to v0.18.1.
  • a9s Redis: a9s Redis SPI: Bump Ruby gem dependencies.
  • a9s Service Broker: Bump Ruby gem dependencies.
  • a9s Smoke Tests: Bump Ruby gem dependencies.
  • a9s SSO Proxy: Bump Ruby gem dependencies.

Removed

  • breaking change all services: a9s Dashboard API: Remove the a9s Dashboard API BOSH release in favor of a9s Public API BOSH release.
  • breaking change all services: a9s DS API Gateway: Remove the a9s DS API Gateway BOSH release in favor of a9s Public API BOSH release.
  • breaking change all services: a9s Public API: Remove a9s Public API v0 endpoint for backup downloads. You can now use the restored a9s Public API v1 endpoint. For more information, see API V1 Endpoints.
  • breaking change all services: a9s SSO Proxy: Remove the a9s SSO Proxy BOSH release in favor of the a9s Public API BOSH release.
  • docs: Platform Operator: Remove the outdated Browser Compatibility section from the a9s Service Dashboard Considerations documentation page.

Fixed

  • all services: a9s Backup Manager: Fix the restored_from time of Disaster Recovery restores to use the time when source backup file was last modified.
  • a9s Backup Services: a9s Backup Manager: Ensure that the a9s Backup Manager selects the proper backup store for retrieving backup files when performing a Disaster Recovery in a Two Sites Two Backup Stores setup. For more information, see Disaster Recovery - Two Sites Two Backup Stores.
  • a9s PostgreSQL: a9s PostgreSQL 17: Revert min_wal_size and max_wal_size to their original default value, 80MB and 1GB, respectively. The default values of the parameters are being reverted, so that smaller plans do not consume more resources than necessary during data manipulation processes.
  • docs: Application Developer: Fix the default value of the max_replication_slots custom parameter, and clarify its description. Update the documented default value of max_replication_slots to 0, as the previous value was incorrectly stated in the documentation. For more information, see max_replication_slots.
  • docs: Platform Operator: a9s KeyValue: Fix the documented modifiable value of the custom parameters repl-backlog-size, min-replicas-to-write, and min-replicas-max-lag. For more information, see a9s KeyValue SPI Configuration.
  • docs: Platform Operator: a9s LogMe2: Fix the documented default value of thejava_maxmetaspace custom parameter. For more information, see a9s LogMe2 SPI Configuration.
  • docs: Platform Operator: a9s MariaDB: Fix the documented modifiable value of the databases custom parameter. For more information, see a9s MariaDB SPI Configuration.

Security

  • a9s Backup Services:
    • a9s Backup Agent:
      • CVE-2025-61919
      • CVE-2025-61770
      • CVE-2025-61771
      • CVE-2025-61772
    • a9s Backup Manager:
      • CVE-2025-61919
      • CVE-2025-61770
      • CVE-2025-61771
      • CVE-2025-61772
    • a9s Backup Monit: Fix CVEs:
      • CVE-2025-59830
  • a9s Billing:
    • CVE-2025-24293
    • CVE-2025-59830
    • CVE-2025-61919
    • CVE-2025-61770
    • CVE-2025-61771
    • CVE-2025-61772
  • a9s BOSH Deployer:
    • CVE-2025-61919
    • CVE-2025-61770
    • CVE-2025-61771
    • CVE-2025-61772
  • a9s CF Service Guard:
    • CVE-2025-61919
    • CVE-2025-61770
    • CVE-2025-61771
    • CVE-2025-61772
  • a9s Elasticsearch:
    • a9s Elasticsearch SPI: Fix CVEs:
      • CVE-2025-59830
      • CVE-2025-61919
      • CVE-2025-61770
      • CVE-2025-61771
  • a9s KeyValue:
    • a9s KeyValue SPI: Fix CVEs:
      • CVE-2025-61770
      • CVE-2025-61771
      • CVE-2025-61772
      • CVE-2025-61919
    • a9s Valkey 8: Fix CVEs:
      • CVE-2025-49844
      • CVE-2025-46817
      • CVE-2025-46818
      • CVE-2025-46819
  • a9s LogMe2:
    • a9s LogMe2 SPI: Fix CVEs:
      • CVE-2025-59830
      • CVE-2025-61770
      • CVE-2025-61771
      • CVE-2025-61772
      • CVE-2025-61919
  • a9s MariaDB:
    • a9s MariaDB SPI: Fix CVEs:
      • CVE-2025-61770
      • CVE-2025-61771
      • CVE-2025-61772
      • CVE-2025-61919
  • a9s Messaging:
    • a9s Messaging SPI: Fix CVEs:
      • CVE-2025-59830
      • CVE-2025-61770
      • CVE-2025-61771
      • CVE-2025-61772
      • CVE-2025-61919
  • a9s MongoDB:
    • a9s MongoDB SPI: Fix CVEs:
      • CVE-2025-59830
      • CVE-2025-61770
      • CVE-2025-61771
      • CVE-2025-61772
      • CVE-2025-61919
  • a9s MySQL:
    • a9s MySQL SPI: Fix CVEs:
      • CVE-2025-59830
      • CVE-2025-61919
      • CVE-2025-61770
      • CVE-2025-61771
      • CVE-2025-61772
  • a9s PostgreSQL:
    • a9s PostgreSQL SPI: Fix CVEs:
      • CVE-2025-61919
      • CVE-2025-61770
      • CVE-2025-61771
      • CVE-2025-61772
  • a9s Prometheus:
    • a9s Prometheus SPI:
      • CVE-2025-61770
      • CVE-2025-61771
      • CVE-2025-61772
      • CVE-2025-61919
  • a9s Redis:
    • a9s Redis SPI: Fix CVEs:
      • CVE-2025-59830
      • CVE-2025-61770
      • CVE-2025-61771
      • CVE-2025-61772
      • CVE-2025-61919
    • a9s Redis 7: Fix CVEs:
      • CVE-2025-49844
  • a9s Search:
    • a9s Search SPI: Fix CVEs:
      • CVE-2025-61770
      • CVE-2025-61771
      • CVE-2025-61772
      • CVE-2025-61919
  • a9s Service Broker:
    • CVE-2025-61919
    • CVE-2025-61770
    • CVE-2025-61771
    • CVE-2025-61772
  • a9s Smoke Tests:
    • CVE-2025-61919
    • CVE-2025-61770
    • CVE-2025-61771
    • CVE-2025-61772
  • a9s SSO Proxy:
    • CVE-2025-61919
    • CVE-2025-61770
    • CVE-2025-61771
    • CVE-2025-61772