Ohai Compliance friends,
Chef Compliance 1.12.0 is now available from the Chef downloads site. This is a patch release update which is recommended for all users of Chef Compliance. Here are the enhancements and bug fixes included in this release:
Enhancements:
- CVE-2017-8932: Upgrade Go to 1.9.2
- New option
nginx['strict_host_header']
to mitigate Host-header cache-poisoning attacks
Upgrade instructions
Upgrade instructions for Chef Compliance are found here. Download is available at the Chef downloads site.
– Steven