Saturday, January 30, 2016

Supermarket 2.3.2 Security Release [feedly]



----
Supermarket 2.3.2 Security Release
// Chef Blog

Supermarket 2.3.2* is now available. This release contains bug fixes, minor enhancements, and security updates.

Supermarket version 2.3.2 is a recommended update for all users running their own instances of Supermarket. Packages are available in the stable repository. Upgrading to this version can be as simple as a chef-client run on your hosts—if you've left the version of Supermarket at the default :latest—or updating your wrapper cookbook's attributes to ['supermarket_omnibus']['package_version'] = '2.3.2'.

The community Supermarket has already been updated.

Security Fixes:
  • Upgrade Nokogiri to address a CVE
  • Upgrade Rails to address CVEs
Bug Fixes:
  • Prevent test suite from calling out to 3rd party services.
  • Fix omission of PostgreSQL extension requirement in migrations.
  • Fix people and titles disappearing from dashboard on small displays.
  • Pin Berkshelf version embedded in omnibus package to prevent net-ssh conflicts.
Enhancements:
  • Increase changelog content included in email notifications.
  • Increase number of companies contributing displayed on a page.
* Version 2.3.1 was not released because of a problem with conflicting versions of net-ssh discovered during packaging.

----

Shared via my feedly reader


Sent from my iPhone