Automate version 4.5.37 Released!

Chef Release Announcements
1

We are delighted to announce the availability of version 4.5.37 of Chef Automate.

Upgrade Journey

Chef lets you choose your upgrade journey based on your current version of Chef Automate. You can do all the version upgrades manually.

Your Current Version Upgrade To
Any version before 20220329091442 20220329091442
20220329091442 3.0.x
3.0.49 4.x

See the Chef Automate 4.x upgrade documentation for more information.

New Features

  • You can now set the configuration for a deployment from Automate HA bastion node using the chef-automate config set command. (#7670)
  • You can now add nodes in an AWS-deployed Automate HA cluster using chef-automate node add command. (#7683)
  • Added document to upgrade AMI for AWS deployment of Automate HA (#7680)
  • Added document to in-place migration of A2HA to Automate HA (#7685, #7701)

Improvements

  • You can now fetch and apply certificates from a root or local location with read-only access. (#7678)
  • You can now use an existing AWS S3 bucket when configuring AWS deployment of Chef Automate. (#7681)
  • Improved CLI documentation to segregate Automate HA and Standalone commands (#7669)
  • Improved API documentation by adding different Status codes returned by the APIs (#7693)
  • Improved Service Now Integration and Incident App documentation to add compatible Service Now versions (#7694)
  • Improved documentation to create VPC for AWS deployment of Automate HA (#7699)

Compliance Profile Updates

Compliance profiles are updated to version 1.0.0/20230209124416, which includes the new and improved profiles for:

  • CIS Oracle Linux 8 v2.0.0
  • CIS RHEL 9 v1.0.0

Bug Fixes

  • The chef-automate cleanup command now removes the content of the directory /hab even if it is a symbolic link in Automate HA. (#7679)
  • Fixed the chef-automate backup restore command so it will restore a Chef Automate backup even when a front-end node is unhealthy. (#7688)
  • Fixed a bug where OpenSearch was consuming a lot of memory when ingesting compliance report data. (#7704)

Security

Security Improvements

  • Changes are made to fix CWE-409 vulnerability (#7676)

Security Updates

Updated OpenSearch to version 1.3.7, which fixes the following vulnerabilities:

  • CVE-2022-42889

Chef Packaged Product Versions

This release uses:

  • Chef Habitat version: 1.6.521/20220603154827
  • Chef Habitat Builder version: 10078/20220929100217
  • Chef Infra Server version: 15.4.0/20230105061154
  • Chef InSpec version: 4.56.22/20220517052126

Service Versions

This release uses:

  • Postgres: 13.5
  • OpenSearch: 1.3.7
  • Nginx: 1.21.3
  • Haproxy: 2.2.18
  • Dex: 2.27.0

Supported External Chef Products

This release supports the following external Chef products:

  • Chef Infra Server version: 14.0.58+
  • Chef Inspec version: 4.3.2+
  • Chef Infra Client: 17.0.242+
  • Chef Habitat: 0.81+

Supported Framework Versions

This release is built on the following framework versions:

  • GoLang: 1.15
  • OpenJDK: 11.0.17+8
  • Angular: 11.2.6

View the package manifest for the latest release.

As always, we welcome your feedback and invite you to contact us directly or share your feedback online. Thanks for using Chef Automate!