Chef 14.8.12 Released!

Hey Everyone,

We're happy to announce the release of Chef v14.8.12! This release includes a ton of updated resources, improved virtualization and platform detection, as well as openSSL security updates.

Updated Resources

apt_package

The apt_package resource now supports using the allow_downgrade property to enable downgrading of packages on a node in order to meet a specified version. Thank you @whiteley for requesting this enhancement.

apt_repository

An issue was resolved in the apt_repository resource that caused the resource to fail when importing GPG keys on newer Debian releases. Thank you @EugenMayer for this fix.

dnf_package / yum_package

Initial support has been added for Red Hat Enterprise Linux 8. Thank you @pixdrift for this fix.

gem_package

gem_package now supports installing gems into Ruby 2.6 or later installations.

windows_ad_join

windows_ad_join now uses the UPN format for usernames, which prevents some failures to authenticate to the domain.

windows_certificate

An issue was resolved in the :acl_add action of the windows_certificate resource, which caused the resource to fail. Thank you @shoekstra for reporting this issue.

windows_feature

The windows_feature resource now allows for the installation of DISM features that have been fully removed from a system. Thank you @zanecodes for requesting this enhancement.

windows_share

Multiple issues were resolved in windows_share, which caused the resource to either fail or update the share state on every Chef Client run. Thank you @chadmccune for reporting several of these issues and @derekgroh for one of the fixes.

windows_task

A regression was resolved that prevented ChefSpec from testing the windows_task resource in Chef Client 14.7. Thank you @jjustice6 for reporting this issue.

Ohai 14.8

Improved Virtualization Detection

Hyper-V Hypervisor Detection

Detection of Linux guests running on Hyper-V has been improved. In addition, Linux guests on Hyper-V hypervisors will also now detect their hypervisor's hostname. Thank you @safematix for contributing this enhancement.

Example node['virtualization'] data:

{
  "systems": {
    "hyperv": "guest"
  },
  "system": "hyperv",
  "role": "guest",
  "hypervisor_host": "hyper_v.example.com"
}

LXC / LXD Detection

On Linux systems running lxc or lxd containers, the lxc/lxd virtualization system will now properly populate the node['virtualization']['systems'] attribute.

BSD Hypervisor Detection

BSD-based systems can now detect guests running on KVM and Amazon's hypervisor without the need for the dmidecode package.

New Platform Support

  • Ohai now properly detects the openSUSE 15.X platform. Thank you @megamorf for reporting this issue.
  • SUSE Linux Enterprise Desktop now identified as platform_family 'suse'
  • XCP-NG is now identified as platform 'xcp' and platform_family 'rhel'. Thank you @heyjodom for submitting this enhancement.
  • Mangeia Linux is now identified as platform 'mangeia' and platform_family 'mandriva'
  • Antergos Linux now identified as platform_family 'arch'
  • Manjaro Linux now identified as platform_family 'arch'

Security Updates

OpenSSL

OpenSSL has been updated to 1.0.2q in order to resolve:

  • Microarchitecture timing vulnerability in ECC scalar multiplication (CVE-2018-5407)
  • Timing vulnerability in DSA signature generation (CVE-2018-0734)

Get the Build

As always, you can download binaries directly from downloads.chef.io or by using the mixlib-install command line utility:

$ mixlib-install download chef -v 14.8.12

Alternatively, you can install Chef using one of the following command options:

# In Shell
$ curl https://omnitruck.chef.io/install.sh | sudo bash -s -- -P chef -v 14.8.12

# In Windows Powershell
. { iwr -useb https://omnitruck.chef.io/install.ps1 } | iex; install -project chef -version 14.8.12

If you want to give this version a spin in Test Kitchen, create or add the following to your kitchen.yml file:

provisioner:
  product_name: chef
  product_version: 14.8.12

Enjoy,
Tim