Blog-Icon_5_100x385

Security Releases: Chef Server 12, Enterprise Chef 11, Chef Manage

By

Ohai Chefs!

Today we have releases of Chef Server 12.1.0, Enterprise Chef Server 11.3.2, and Chef Manage 1.17.0 which contain the following security updates:

  • Redis 2.8.21

This update addresses CVE-2015-4335, a remote code execution vulnerability in Redis. We recommend that users of Chef Manage and of Chef Server in HA or Tiered topologies update as soon as possible. Open Source Chef Server 11 is not affected. Supermarket will ship with an updated Redis in the next release. Chef Servers in a standalone configuration are configured such that Redis only listens for local connections; however, we still encourage everyone to upgrade.

Updated packages are available for immediate download on http://downloads.chef.io and via our Apt and RPM repositories.

In addition to this security update, Chef Server 12.1.0 has performance improvements, new features, and bug fixes. Please see the Chef Server 12.1 Release Announcement.

Posted in:
Tags:
releases Security

Steven Danna

Categories

INTERNET US

Company
Using Chef
Legal
Connect with us
Contact Us

Chef is part of the Progress product portfolio. Progress is the leading provider of application development and digital experience technologies.

Copyright © 2024 Progress Software Corporation and/or its subsidiaries or affiliates. All Rights Reserved.

Progress, Telerik, Ipswitch, Chef, Kemp, Flowmon, MarkLogic, Semaphore and certain product names used herein are trademarks or registered trademarks of Progress Software Corporation and/or one of its subsidiaries or affiliates in the U.S. and/or other countries. See Trademarks for appropriate markings.

Do Not Sell or Share My Personal Information

Powered by Progress Sitefinity