What’s New with Chef Habitat

Chef Habitat is an open source automation product for defining, packaging, and delivering applications to any environment, regardless of operating system or platform. In the first half of 2020, we’ve rolled out a number of new features in Habitat, including building out integrations with Chef Automate. We’re really excited about the incredible progress we’ve made […]

Read More

Chef Server 12.0.6 Released

Today we’re pleased to announce that Chef Server 12.0.6 has been released. This update contains the latest OpenSSL 1.0.1m along with further bug fixes and API improvements. ### OpenSSL 1.0.1m While the Chef Server and other Chef products that ship with OpenSSL are not vulnerable to CVE-2015-0291 (see our earlier blog post by Charles Johnson), we’ve […]

Read More

Chef Server 12.0.2 Release

Ohai! Today we’ve released Chef Server 12.0.2, a small bugfix release that addresses a critical bug in the upgrade process from Enterprise Chef 11 that was causing upgrades to hang during long-running migrations. The latest packages can be downloaded from https://downloads.chef.io/chef-server. ### Release Notes: #### Bug Fixes: The following items are the set of bug […]

Read More

Chef Server 12 Released

Ohai Chefs! Today, after a thorough RC testing phase that included a great amount of feedback and contribution from the Chef community, we’re pleased to announce the GA release of Chef Server 12. This release brings the previously premium features of Enterprise Chef, namely multi-tenancy and role-based access control, into Open Source Chef. ## What’s […]

Read More

Security Releases: Chef Server and Premium Features (insecure file ownership)

Today we are announcing security releases of all supported versions of the Chef Server, Enterprise Chef, and Chef Software-built premium features. These releases address package ownership issues on Debian-based platforms that result in Omnibus-built packages installing with contents owned by UID and GID 999 or 1001. This vulnerability allows a non-root attacker to modify or […]

Read More

Announcing Chef Server 12 Release Candidate

Today we’re pleased to announce the public availability of the first Chef Server 12 Release Candidate. This release brings the differentiating features of Enterprise Chef, namely multi-tenancy and role-based access control, into Open Source Chef. ## What’s New Chef Server 12 brings a host of improvements that will be welcomed by existing Open Source and […]

Read More

Chef Server 11.1.1 Release

Open Source Chef Server 11.1.1 is a security release that includes an updated version of OpenSSL that patches CVE-2014-0224. All installs of Open Source Chef should be upgraded immediately. This bug permits an attacker to execute an undetectable MITM attack on an otherwise secure connection. As a result, the attacker could read or alter any […]

Read More