View categories

Categories

Heroku Architecture
- Dynos (app containers)
- Stacks (operating system images)
- Networking & DNS
- Platform Policies
- Platform Principles

Command Line

Deployment
- Deploying with Git
- Deploying with Docker
- Deployment Integrations

Continuous Delivery
- Continuous Integration

Language Support
- Node.js
- Ruby
  - Rails Support
  - Working with Bundler
- Python
  - Background Jobs in Python
  - Working with Django
- Java
  - Working with Maven
  - Java Database Operations
  - Java Advanced Topics
  - Working with Spring Boot
- PHP
- Go
  - Go Dependency Management
- Scala
- Clojure

Databases & Data Management
- Heroku Postgres
  - Postgres Basics
  - Postgres Getting Started
  - Postgres Performance
  - Postgres Data Transfer & Preservation
  - Postgres Availability
  - Postgres Special Topics
- Heroku Data For Redis
- Apache Kafka on Heroku
- Other Data Stores

Monitoring & Metrics
- Logging

App Performance

Add-ons
- All Add-ons

Collaboration

Security
- App Security
- Identities & Authentication
  - Single Sign-on (SSO)
- Compliance

Heroku Enterprise
- Private Spaces
  - Infrastructure Networking
- Enterprise Accounts
- Enterprise Teams
- Heroku Connect (Salesforce sync)
  - Heroku Connect Administration
  - Heroku Connect Reference
  - Heroku Connect Troubleshooting

Patterns & Best Practices

Extending Heroku
- Platform API
- App Webhooks
- Heroku Labs
- Building Add-ons
  - Add-on Development Tasks
  - Add-on APIs
  - Add-on Guidelines & Requirements
- Building CLI Plugins
- Developing Buildpacks
- Dev Center

Accounts & Billing

Troubleshooting & Support

Integrating with Salesforce

CVE-2015-0235 "Ghost"

Change effective on 28 January 2015

At 8am (PST) yesterday (Jan 27th), Ubuntu and other vendors disclosed a vulnerability (CVE-2015-0235) in the gethostbyname functions in libc which allows an attacker to execute remote code via lookups executed on a specially-crafted hostname. You can find more details about this vulnerability, known as “Ghost”, in this excellent write-up by Qualys.

Over the last day our engineers have remediated this issue. Updated stack images for our cedar stack were released yesterday, and will propagate to your dynos within the next 24 hours. If you want to quickly guarantee that your dynos have updated, restarting your dynos (ps:restart) will ensure that the new image is picked up. If you’re running the cedar-14 image, your applications were never vulnerable; this issue only affected our cedar image.

As part of our ongoing defense in depth work we expect additional maintenance windows over the coming weeks for a number of services, including Heroku Postgres.

PHP 5.5.21, PHP 5.6.5 and HHVM 3.5.0 GitHub Integration is now Generally Available