Chef InSpec recognized for Compliance Automation Tools in Gartner Report

We believe Gartner provides very useful guidance for organizations struggling with balancing the need to deliver products and services to market faster while having to deal with regulations and compliance requirements that may overburden their teams. The report is titled 3 Steps to Ensure Compliance and Audit Success with DevOps, which Chef has made available […]

Read More

Product Announcement: Chef Habitat 1.5 Now Available

Chef Habitat provides automation capabilities for defining, packaging, and delivering applications to almost any environment with any operating system, on any platform. Over the last year, we’ve seen organizations like Alaska Airlines, Rakuten, Walmart, and Rizing address a broad range of application delivery automation challenges with Habitat. They’ve improved their developers’ productivity, reduced deployment failures, […]

Read More

Chef Confirms No Products Affected by Backdoored RubyGems

At Chef, we have a cross-functional security team who evaluates and responds to potential security incidents. Because a significant portion of our code uses Ruby and Ruby libraries (known as “gems”), we have been paying close attention to the reports of malicious code insertion into several gems. Shortly after the news of the compromise became […]

Read More

Supermarket 2.3.2 Security Release

Supermarket 2.3.2* is now available. This release contains bug fixes, minor enhancements, and security updates. Supermarket version 2.3.2 is a recommended update for all users running their own instances of Supermarket. Packages are available in the stable repository. Upgrading to this version can be as simple as a chef-client run on your hosts—if you’ve left […]

Read More

Security Releases: Chef Server 12, Enterprise Chef 11, Chef Manage

Ohai Chefs! Today we have releases of Chef Server 12.1.0, Enterprise Chef Server 11.3.2, and Chef Manage 1.17.0 which contain the following security updates: Redis 2.8.21 This update addresses CVE-2015-4335, a remote code execution vulnerability in Redis. We recommend that users of Chef Manage and of Chef Server in HA or Tiered topologies update as […]

Read More

Security Release: Chef Server 12.0.1 and Enterprise Chef Server 11.2.6

Available for immediate download are Chef Server 12.0.1 and Enterprise Chef Server 11.2.6. This release addresses CVE-2014-8144, a CSRF vulnerability found in doorkeeper, a gem used by the oc-id service that ships with the Chef Server. This release updates oc-id to the latest version, 0.4.4, which contains the patched doorkeeper gem. Open Source Chef Server 11 […]

Read More