“The key to immortality is first living a life worth remembering” – Bruce Lee
March 14 2025
VMware Tanzu Product Releases
In this section, we will add releases information on Tanzu Platform for Cloud Foundry, Tanzu Platform for Kubernetes, Tanzu Data Services, and Tanzu Spring Essentials Products that are part of Tanzu Platform and Standalone solutions along with its release date and release notes. (Note : Broadcom Support portal requires you to register)
Tanzu Product Downloads | KB article on How to Download Products | Tanzu Product Lifecycle (Select Tanzu Division to find Tanzu product releases) | Tanzu Product Documentation
Note: Broadcom Support Portal – Download – Access changes
Tanzu Entitlement Requirements for Support Portal Download – To support the transition from Tanzu Network to Broadcom’s Customer Support Portal, product downloads were initially configured as accessible to all users. Starting March 3rd 2025, downloads will be only accessible to entitled users. After this date, users will only be able to view products they are entitled to download in the `My Downloads` section of Support Portal. Free products will be accessible via a hyperlink at the top of that page. Non-entitled products will not display in `My Downloads` and users will see a `Not Entitled` response via Tanzu Network API when attempting to generate a download link.
| Product Name | Version | Release Date | Related Links |
| VMware Tanzu Platform Tanzu Operations Manager Fix database migration , component version updates. Check Release Notes for details | 3.0.39+LTS-T | 2025-03-13 | ReleaseNotes |
| Tanzu Platform for Cloud Foundry (TPCF or TAS) Features and Bug Fixes addressed. Check Release Notes for details | 10.0.3 6.0.13+LTS-T 4.0.33+LTS-T | 2025-03-11 | ReleaseNotes ReleaseNotes ReleaseNotes |
| Tanzu Platform for Cloud Foundry Windows (TAS for Windows) Features and Bug Fixes addressed. Check Release Notes for details | 10.0.3 6.0.13+LTS-T 4.0.33+LTS-T | 2025-03-11 | ReleaseNotes ReleaseNotes ReleaseNotes |
| VMware Tanzu VMware Tanzu Kubernetes Grid Integrated Edition (TKGI) Check Release Notes changes and fix details for CLI, tile and management console details | 1.22.0(CLI and tile) 1.22.0(Mgmt Console) | 2025-03-14 | ReleaseNotes |
| VMware Tanzu Platform Spring Essentials Spring Cloud Services for VMware Tanzu (SCS) Check Release Notes for Bug Fixes and Dependency Upgrades details | 3.3.4 | 2025-03-13 | ReleaseNotes |
| VMware Tanzu Data Solutions VMware Tanzu GemFire Fixes for security issues and New Features. Check Release Notes for details | 10.0.6 | 2025-03-12 | ReleaseNotes |
| Other Releases Tanzu Platform for Cloud Foundry Isolation segment (ISO) Features and Bug Fixes addressed. Check Release Notes for details | 10.0.3 6.0.13+LTS-T 4.0.33+LTS-T | 2025-03-11 | ReleaseNotes ReleaseNotes ReleaseNotes |
VMware Tanzu Product Security Updates
Within the release notes there may be security or governance specific updates that are worth highlighting. The Tanzu Security team reviews each release and summarizes security or governance specific highlights found within the release notes.
Tanzu Security Team Disclaimer:
The summary below is a review of the above product release notes from a security and governance point of view and may not reflect specific security or governance requirements you may require. It also does not include all details from the release notes. Please review the full release notes for release details.
VMware Tanzu Platform
Tanzu Operations Manager
- Updated to Jammy Stemcell 1.785
- USN-7306-1 – GNU binutils – Resolved 2 medium CVEs
- USN-7314-1 – Kerberos – Resolved 4 medium,negligible,low CVEs
- USN-7327-1 – Linux kernel – Resolved 1 high CVE
- Resolved the following CVEs:
- CVE-2025-1365 – elfutils – Medium
- GHSA-7wqh-767x-r66v – ruby-rack – High
- GHSA-qxp5-gwg8-xv66 – golang – Medium
- CVE-2025-1371 – elfutils – Medium
- CVE-2024-25260 – elfutils – Low
- Bumped dependencies
- Fix database migration that caused some imports to fail with Installation file cannot be decrypted errors
Tanzu Platform for Cloud Foundry (TPCF or TAS)
Tanzu Platform for Cloud Foundry Isolation segment (ISO)
- [Feature] Operators can now “Enable comma-delimited lists of IPs for application security group (ASG) destinations”
- Bumped dependencies
- Resolved 72 CVEs in 10.0.3
- backup-and-restore-sdk: Resolved 1 high CVE
- bpm: Resolved 1 high CVE
- capi: Resolved 2 medium CVEs
- cf-autoscaling: Resolved 9 low, medium, high, critical CVEs
- cf-networking: Resolved 2 medium CVEs
- cflinux4: Resolved 3 medium, high CVEs
- credhub: Resolved 4 medium, high CVEs
- diego: Resolved 3 medium, high CVEs
- garden-runc: Resolved 2 medium, high CVEs
- log-cache: Resolved 3 medium, high CVE
- loggregator: Resolved 3 medium, high CVEs
- loggregator-agent: Resolved 3 medium, high CVEs
- mapfs: Resolved 6 medium, high, critical CVEs
- mysql-monitoring: Resolved 3 medium, high CVEs
- nats: Resolved 3 medium, high CVEs
- nfs-volume: Resolved 5 medium, high CVEs
- otel-colector: Resolved 1 high CVE
- pxc: Resolved 3 medium, high CVEs
- silk: Resolved 2 medium CVEs
- smb-volume: Resolved 3 medium, high CVEs
- statsd-injector: Resolved 3 medium, high CVEs
- syslog: Resolved 2 medium CVEs
- system-metrics-scraper: Resolved 3 medium, high CVEs
- uaa: Resolved 2 medium, high CVEs
- Resolved 69 CVEs in 6.0.13
- backup-and-restore-sdk: Resolved 1 high CVE
- bpm: Resolved 1 high CVE
- capi: Resolved 2 medium CVEs
- cf-autoscaling: Resolved 9 low, medium, high, critical CVEs
- cf-networking: Resolved 2 medium CVEs
- cflinux4: Resolved 3 medium, high CVEs
- credhub: Resolved 4 medium, high CVEs
- garden-runc: Resolved 2 medium, high CVEs
- log-cache: Resolved 3 medium, high CVE
- loggregator: Resolved 3 medium, high CVEs
- loggregator-agent: Resolved 3 medium, high CVEs
- mapfs: Resolved 6 medium, high, critical CVEs
- mysql-monitoring: Resolved 3 medium, high CVEs
- nats: Resolved 3 medium, high CVEs
- nfs-volume: Resolved 5 medium, high CVEs
- otel-colector: Resolved 1 high CVE
- pxc: Resolved 3 medium, high CVEs
- silk: Resolved 2 medium CVEs
- smb-volume: Resolved 3 medium, high CVEs
- statsd-injector: Resolved 3 medium, high CVEs
- syslog: Resolved 2 medium CVEs
- system-metrics-scraper: Resolved 3 medium, high CVEs
- uaa: Resolved 2 medium, high CVEs
- Resolved 71 CVEs in 4.0.32
- backup-and-restore-sdk: Resolved 1 high CVE
- bpm: Resolved 1 high CVE
- capi: Resolved 2 medium CVEs
- cf-autoscaling: Resolved 9 low, medium, high, critical CVEs
- cf-networking: Resolved 2 medium CVEs
- cflinux4: Resolved 3 medium, high CVEs
- credhub: Resolved 4 medium, high CVEs
- garden-runc: Resolved 2 medium, high CVEs
- log-cache: Resolved 3 medium, high CVE
- loggregator: Resolved 3 medium, high CVEs
- loggregator-agent: Resolved 3 medium, high CVEs
- mapfs: Resolved 6 medium, high, critical CVEs
- metrics-discovery: Resolved 3 medium, high CVEs
- mysql-monitoring: Resolved 3 medium, high CVEs
- nats: Resolved 3 medium, high CVEs
- nfs-volume: Resolved 5 medium, high CVEs
- pxc: Resolved 3 medium, high CVEs
- silk: Resolved 2 medium CVEs
- smb-volume: Resolved 3 medium, high CVEs
- statsd-injector: Resolved 3 medium, high CVEs
- syslog: Resolved 2 medium CVEs
- system-metrics-scraper: Resolved 3 medium, high CVEs
- uaa: Resolved 2 medium, high CVEs
Tanzu Platform for Cloud Foundry Windows (TAS for Windows)
- [Feature] Operators can now “Enable comma-delimited lists of IPs for application security group (ASG) destinations”
- Bumped dependencies
- Resolved 7 CVEs in 10.0.3
- diego: Resolved 3 medium, high CVEs
- garden-runc: Resolved 1 high CVE
- loggregator-agent: Resolved 3 medium, high CVEs
- Resolved 4 CVEs in 6.0.13
- garden-runc: Resolved 1 high CVE
- loggregator-agent: Resolved 3 medium, high CVEs
- Resolved 7 CVEs in 4.0.32
- garden-runc: Resolved 1 high CVE
- loggregator-agent: Resoled 3 medium, high CVEs
- metrics-discovery: Resolved 3 medium, high CVEs
VMware Tanzu
VMware Tanzu Kubernetes Grid Integrated Edition (TKGI)
- TKGI v1.22.0 has no breaking changes
- TKGI v1.22.0 has no new features or enhancements
- Bumped dependencies
- TKGI v1.22.0 resolves the following issues:
- Management Console does not display cluster information
- Pause image not pinned in upgraded clusters
- Patched vsphere-cloud-controller-manager component to address CVE 2016-2183
- Resolved 466 CVEs in 1.22.0
- antrea: Resolved 72 low, medium, high CVEs
- aws-cpi: Resolved 5 medium, high, critical CVEs
- azure-cpi: Resolved 6 low, medium, high CVEs
- pks-telemetry: Resolved 376 low, medium, high, critical CVEs
- vsphere-cpi: Resolved 7 low, medium, high, critical CVEs
VMware Tanzu Platform Spring Essentials
Spring Cloud Services for VMware Tanzu (SCS)
- The following dependencies are upgraded in this release:
- Routing to 0.331.0
- Backup and Restore SDK to 1.19.45
- BPM to 1.4.16
- Updated to Jammy Stemcell 1.785
- USN-7306-1 – GNU binutils – Resolved 2 medium CVEs
- USN-7314-1 – Kerberos – Resolved 4 medium,negligible,low CVEs
- USN-7327-1 – Linux kernel – Resolved 1 high CVE
VMware Tanzu Data Solutions
VMware Tanzu GemFire
- Tanzu GemFire 10.0.6 includes fixes for the following security issues:
- Spring: CVE-2024-38816, CVE-2024-38820
- DOMPurify: CVE-2024-47875, CVE-2024-45801, CVE-2025-26791
- Jetty: CVE-2024-8184, CVE-2024-6763
- Netty: CVE-2024-47535
- Issues resolved in GemFire 10.0.6
- Tokens are now redacted in the same way passwords are. Tokens will be replaced with asterisks in places such as logs and gfsh history.
- Fixes a file descriptor leak when a TLS handshake times out.
- Ping forwarding is deprecated. Do not use the same hostname-for-clients for WAN receivers.
- TLS server-to-server connections use less CPU.
Check out the troubleshooting Tips and Resolutions on various Tanzu Products. This section is a great resource for you to bookmark and quickly prevent issues before pushing applications to Production.
VMware Tanzu Application Service (TAS)
Tuning Autoscaler HTTP throughput rules and Loggregator to run in successfully – This article will explain how to check if the log and metrics volume from your application is capable of being handled by Log Cache in your environment or if Loggregator will need to be scaled up.
Appsmanage UI is not working with banner message “Warning: Log-in session expired for the following foundations: home. Click here to renew your session.” – The cause can be related to the users idle time or can be related to a network/transient issue that is causing the UI to not function correctly, thus throwing the warning. Check the article for resolution.
Unable to edit the resource limits when creating a job in Apps Manager – Some Customers may run into this issue where Memory Limit, Disk Limit, and Log Rate Limit fields are grayed out and cannot be edited. Check this article for resolution.
Addressing CVE-2024-12084 & CVE-2024-12085 vulnerabalities in TPCF – Check the article to know what is the impact and which version has the fix details.
VMware Tanzu Kubernetes Grid Integrated Edition (TKGI)
Tanzu Kubernetes Grid Integrated Edition (TKGi) | Override Extend Certificate Expiry Expiration – There might be scenarios where overriding or extending the expiry of certificates becomes necessary. Check the article for details and steps.
Tanzu Course Updates
The Using VMware Tanzu Platform for Cloud Foundry course has its hands-on lab environment updated to the latest v10 version.
Spring Updates
Secure and Scale Your Digital Transformation with Spring Cloud Gateway Extensions (Blog) Michelle Sebek With every enterprise application now dependent on robust API infrastructure, the stakes for effective management couldn’t be higher.
This Week in Spring – March 11th, 2025 (Blog) Josh Long Welcome to another installment of This Week in Spring!
Tanzu Data
Introducing VMware Tanzu Data Lake: Unlock the Power of Hybrid Hadoop (Blog) VMware Tanzu Team As organizations continue their digital transformation journey, data architectures must evolve to handle growing volumes of structured, semi-structured, and unstructured data efficiently.
Cloud Foundry Weekly Series – Subscribe | RSS Feed
ConcourseGPT – Taming the Beasts of CI/CD – Cloud Foundry Weekly : Ep 49 – (Video) Nick Kuhn ConcourseGPT aims to tame the Beasts of CI/CD Infrastructure with AI-generated documentation! Must Watch if you are using Concourse.
Upcoming Events and Webinars sorted in Date order below for your convenience with relevant links and information for you to not miss these key happenings.
What’s new in VMware Tanzu RabbitMQ 4.1 | April 30, 2025 | 10am PST
What’s new in VMware Tanzu RabbitMQ 4.1 – Register Now – Six months after the major Tanzu RabbitMQ 4.0 release, join Howard Twine for a webinar exploring new features in v4.1, including enhanced AMQP, streaming, and a revamped Scheduled/Delayed messaging plugin.
Spring Podcasts/ Office Hours
A Bootiful Podcast: Jonatan Ivanov, observability legend on the Micrometer team In this installment we talk to one of the Willy Wonka’s of observability, the amazing Jonatan Ivanov! This episode was recorded at ConFoo 2025.
Tanzu What’s New Series – Weekly Tanzu digest on Tanzu product Releases, KB Articles, Success Stories, Updates, Blogs, Videos & More – You can also Subscribe for this weekly update on the official VMWare Tanzu Linked In Newsletter Now!!!! We now have 11k + subscribers and growing!!
Tanzu Academy – An on-demand, comprehensive learning hub for platform and application operators to become experts at achieving meaningful outcomes with Tanzu products. Updated VMware Tanzu Platform for Cloud Foundry lab updated with version 10
Tanzu Fundamentals (Videos)
Tanzu Webinars – New home
Tanzu Blogs – All Tanzu blogs will be here
Spring by VMware Tanzu Blog – Find all Spring updates, events, podcasts and more | Spring Office Hours
Spring Academy – The new Spring Academy Pro FREE is live! Check out the details here
Tanzu Documentation – Tanzu Platform | Tanzu Data Solutions | Tanzu Platform Services | Tanzu Spring | Tanzu Standalone Components | Reference Architectures
Tanzu Hands on Labs (HOL) – Self Paced Labs to try hands on Tanzu Products
Can’t get enough? Get weekly updates when you subscribe to our LinkedIn newsletter and RSS Feed.
