We are delighted to announce the availability of version 14.13.42 of Chef Infra Server.
Updated the nginx configuration for Chef Infra Server to support scenarios where the Infra Server has multiple DNS names that clients are configured to use. Thanks for this addition @bdwyertech!
- Resolved an error running
chef-server-ctl user-createwith the
Removed support for Sentry application performance monitoring in
oc-id. Chef Infra Server will now ignore any configuration for Sentry during reconfigure.
The Habitat packages of Chef Infra Server are now built against the latest core-plans update, updating many of the dependencies used by Infra Server.
OpenJDK has been updated from 11.0.13 to 11.0.14 to resolve the following CVEs:
- CVE-2022-21248: Enhance cross VM serialization
- CVE-2022-21283: Better String matching
- CVE-2022-21291: Better verification of scan methods
- CVE-2022-21293: Improve String constructions
- CVE-2022-21294: Enhance construction of Identity maps
- CVE-2022-21282: Better resolution of URIs
- CVE-2022-21296: Improve SAX Parser configuration management
- CVE-2022-21299: Improved scanning of XML entities
- CVE-2022-21277: Improve TIFF file handling
- CVE-2022-21305: Better array indexing
- CVE-2022-21340: Verify Jar Verification
- CVE-2022-21341: Improve serial forms for transport
- CVE-2022-21360: Enhance BMP image support
- CVE-2022-21365: Enhanced BMP processing
Updated the Ruby on Rails framework used by
oc-id to 188.8.131.52 to resolve CVE-2021-22904.
You can download binaries directly from downloads.chef.io.