Azure Stack Hub hotfix 1.2306.4.101

Summary

  • Fixed bugs causing infrastructure faults.
  • Fixed an issue in which users were able to create duplicate and external infrastructure DNS zones.

Fixes rolled up from previous hotfix releases

  • Fixed the CloudManifest feature to avoid adding non-self-signed certificates to the root store.
  • Fixed an issue in the portal that might send a token to an untrusted domain when modifying custom dashboards.
  • Fixed XSS vulnerability on metadata endpoint.
  • Portal framework accessibility fixes and other updates.
  • Azure Stack Hub spoofing vulnerability CVE.
  • This hotfix includes Windows security updates applied to external-facing infrastructure VMs (internal infrastructure VMs that are capable of hosting endpoints external to Azure Stack Hub). The addition of these security updates can potentially increase the hotfix installation time.
  • Fixed an issue in NRP in which duplicate IP addresses could be assigned to NICs in some scenarios.

Hotfix information

To apply this hotfix, you must have version 1.2306.2.47 or later.

Important

As outlined in the release notes for the 2306 update, make sure that you refer to the update activity checklist on running Test-AzureStack (with specified parameters), and resolve any operational issues that are found, including all warnings and failures. Also, review active alerts and resolve any that require action.

File information

Download the following files. Then, follow the instructions in Apply updates in Azure Stack to apply this update.

Download the zip file now.

Download the hotfix xml file now.

More information

Azure Stack Hub update resources

Apply updates in Azure Stack

Monitor updates in Azure Stack by using the privileged endpoint