We are delighted to announce the availability of version 14.6.32 of Chef Infra Server.
Enhancements
Maintenance Mode
You can now place your Chef Infra Server into maintenance mode to block requests from Chef Infra Clients or tools like knife. Maintenance mode also allows you to specify allowed IP addresses for testing your Infra Server without allowing access to all clients.
- Turn on maintenance mode:
chef-server-ctl maintenance on - Turn off maintenance mode:
chef-server-ctl maintenance off - Add an allowed IP address:
chef-server-ctl maintenance -a IP_ADDRESS - Remove an allowed IP address:
chef-server-ctl maintenance -r IP_ADDRESS - List all allowed IP address:
chef-server-ctl maintenance -l
Security Improvements
Rails
We've upgraded the Rails engine used in oc-id from 4.2 to 6.0.3.2. This upgrade improves performance, adds new capabilities, and also resolves the following CVEs:
- CVE-2018-16476
- CVE-2019-5418
- CVE-2019-5419
- CVE-2019-5420
- CVE-2020-8185
- CVE-2020-8167
- CVE-2020-8166
- CVE-2020-8165
- CVE-2020-8164
- CVE-2020-8163
- CVE-2020-8162
- CVE-2021-22880
- CVE-2021-22881
- CVE-2021-22885
- CVE-2021-22902
- CVE-2021-22903
- CVE-2021-22904
Addressable
We've updated the addressable gem used in the oc-id engine from 2.7 to 2.8 to resolve CVE-2021-32740.
Ruby
We've upgraded Ruby from 2.6.7 to 2.7.4. This upgrade improves performance and also resolves the following CVEs:
- CVE-2021-31810
- CVE-2021-32066
- CVE-2021-31799
Elasticsearch
We've upgraded Elasticsearch from 6.8.16 to 6.8.17 to resolve CVE-2021-22144.
Get the Build
You can download binaries directly from downloads.chef.io.