Chef Compliance 1.12.0 Released

ssd · October 23, 2017, 2:23pm

Ohai Compliance friends,

Chef Compliance 1.12.0 is now available from the Chef downloads site. This is a patch release update which is recommended for all users of Chef Compliance. Here are the enhancements and bug fixes included in this release:

Enhancements:

CVE-2017-8932: Upgrade Go to 1.9.2
New option nginx['strict_host_header'] to mitigate Host-header cache-poisoning attacks

Upgrade instructions

Upgrade instructions for Chef Compliance are found here. Download is available at the Chef downloads site.

– Steven

ssd · October 23, 2017, 2:31pm

Hi,

A small correction. This release contains Go 1.9.1, not 1.9.2. Go 1.9.1 is the latest release of the 1.9 series and addresses the mentioned CVE.

Cheers,

Steven

Topic	Replies	Views
Chef Compliance 1.8.12 Released Chef Release Announcements	679	March 9, 2017
Chef Compliance 1.1.2 Released Chef Release Announcements	673	April 19, 2016
Chef Compliance 1.11.5 released Chef Release Announcements	559	August 31, 2017
Chef Compliance 1.12.1 Released Chef Release Announcements	556	October 24, 2017
Chef Compliance 1.9.46 released Chef Release Announcements	624	May 9, 2017

Chef Compliance 1.12.0 Released

Upgrade instructions

Related Topics