Ohai Chefs,
We’re releasing Chef Client 12.21.14 to fix a number of Ruby security vulnerabilities:
CVE-2017-0898
CVE-2017-10784
CVE-2017-14033
CVE-2017-14064
This release also contains a backported fix to prevent apt_repository resources from importing gpg keys on every chef-client run.
-Tim