Chef Backend 2.3.16 is now released and available on the downloads site.
- Chef Infra Client, which is used in the
chef-backend-ctl reconfigurecommand, has been updated from 15.x to 16.17 to resolve EOL warnings when running.
chef-backend-ctl backupno longer backs up the Elasticsearch cluster to speed up backup times. Users restoring a backed-up cluster can instead run
chef-server-ctl reindex --allfrom a frontend node to generate new data in Elasticsearch.
We now produce Chef Backend packages for SLES 15, Amazon Linux 2, and Ubuntu 20.04.
Chef Backend packages are no longer produced for RHEL 6, as this platform is now end-of-life.
Updated the file digest in Chef Backend RPM packages from MD5 to SHA256 to prevent failures from installing on some FIPS-enabled systems.
We mitigated the Log4j vulnerability outlined in CVE-2021-44228 by disabling message formatting within logging. Chef Backend is not vulnerable to this CVE in Log4j, but this avoids security concerns with this CVE.
Updated Ruby from 2.6.5 to 2.7.5 for improved performance and to resolve the following CVEs:
Updated OpenSSL from 1.0.2v to 1.0.2zb to resolve issues with Let's Encrypt certificates and to resolve the following CVEs:
Updated OpenJDK from 11.0.7+10 to 11.0.13+8 to resolve the following CVEs:
Updated PostgreSQL from 9.5.19 to 9.5.25 to resolve the following CVEs: