Automate version 4.12.69 Released!

chef-ci · March 6, 2024, 4:16pm

We are delighted to announce the availability of version 4.12.69 of Chef Automate.

Improvements

Fixed a bug that was causing the failure of the Automate config patch while patching the backup path. (#8341)

Fixed a security issue that allows Chef tags to accept HTML text, URL, all special characters, and weak cipher. (#8355)

Updated OpenSearch to 1.3.14 to fix the following CVE issues:
- CVE-2023-45807
- CVE-2023-31141
- CVE-2023-25806
- CVE-2023-23933
- CVE-2023-23613
- CVE-2023-23612
Updated NodeJS to 14.21.3 to fix the following CVEs:
- CVE-2023-23918
- CVE-2023-23919
- CVE-2023-23920
- CVE-2023-23936
- CVE-2023-24807
Updated marked to version 4.0.10 to fix the following CVEs:
- CVE-2022-21681
- CVE-2022-21680
Updated expressJS version to 4.18.2 to fix the following CVEs:
- CVE-2022-24999
Update ansi-regex to 5.0.1 which fixes the following CVEs:
- CVE-2021-3807
Update rack to 2.2.6.4 which fixes the following CVEs:
- CVE-2022-30123
Update yaml.v2 to 2.4.0 which fixes the following CVEs:
- CVE-2022-3064

This release uses:

This release uses:

This release supports the following external Chef products:

This release is built on the following framework versions:

View the package manifest for the latest release.

As always, we welcome your feedback and invite you to contact us directly or share your feedback online. Thanks for using Chef Automate!

Topic	Replies	Views
Automate version 4.13.76 Released! Chef Release Announcements	41	January 9, 2025
Automate version 4.0.91 Released! Chef Release Announcements	676	June 9, 2022
Automate version 4.0.54 Released! Chef Release Announcements	547	May 25, 2022
Automate version 4.13.0 Released! Chef Release Announcements	106	September 24, 2024
Automate version 4.11.0 Released! Chef Release Announcements	793	October 31, 2023