Tuesday, April 21, 2015

Security Release: Chef Server 12.0.8 and Enterprise Chef 11.3.1 [feedly]



----
Security Release: Chef Server 12.0.8 and Enterprise Chef 11.3.1
// Chef Blog

Ohai Chefs!

Chef Server 12.0.8 and Enterprise Chef 11.3.1 are available for immediate download. This release addresses the following vulnerabilities:

This corresponds to chef-server issue 142, "Update Embedded Openresty NGINX".

Additional Changes

Chef Server 12.0.8 has been further updated as follows:

  • The Chef Server 12.0.8 release is the first to enable Server API Versioning and sets the baseline API version at 0, while enabling versioned API behaviors for future releases. This is an internal update that has no outward effect on client or server beyond exposing a new endpoint as described in the RFC.
  • opscode-omnibus issue 744 – chef-server-ctl password command has been fixed
There have been no additional changes to Enterprise Chef 11.3.1.

Release

To apply this security update, upgrade your existing Chef Server installation to the latest available version:


----

Shared via my feedly reader


Sent from my iPhone