Security Release: Chef Server 12.0.8 and Enterprise Chef 11.3.1
// Chef Blog
Chef Server 12.0.8 and Enterprise Chef 11.3.1 are available for immediate download. This release addresses the following vulnerabilities:chef-server issue 142, "Update Embedded Openresty NGINX".
Chef Server 12.0.8 has been further updated as follows:
- The Chef Server 12.0.8 release is the first to enable Server API Versioning and sets the baseline API version at 0, while enabling versioned API behaviors for future releases. This is an internal update that has no outward effect on client or server beyond exposing a new endpoint as described in the RFC.
- opscode-omnibus issue 744 – chef-server-ctl password command has been fixed
To apply this security update, upgrade your existing Chef Server installation to the latest available version:
Shared via my feedly reader
Sent from my iPhone