Security Releases: Chef Server 12, Enterprise Chef 11, Chef Manage

Ohai Chefs! Today we have releases of Chef Server 12.1.0, Enterprise Chef Server 11.3.2, and Chef Manage 1.17.0 which contain the following security updates: Redis 2.8.21 This update addresses CVE-2015-4335, a remote code execution vulnerability in Redis. We recommend that users of Chef Manage and of Chef Server in HA or Tiered topologies update as […]

Read More

Security Breach: User information for tickets.opscode.com and wiki.opscode.com compromised.

What Happened? A vulnerability in the third-party software that runs our Open Source Chef wiki and ticketing system was exploited to gain access to that particular system. While on this system, the attacker gained escalated privileges and downloaded the user database for the wiki and ticketing system. What information was exposed? The user database that […]

Read More