Chef Infra Server 14.9.23 Released!

We are delighted to announce the availability of version 14.9.23 of Chef Infra Server.

Bug Fixes

  • Resolved deprecation warnings when performing database upgrades.
  • Resolved failures to properly detect some external PostgreSQL installs.

Security

OpenSSL 1.0.2za

Updated OpenSSL from 1.0.2y to 1.0.2za in order to resolve CVE-2021-3712.

OpenJDK JRE

Updated OpenJDK JRE used to run Elasticsearch from 11.0.11+9 to 11.0.12+7 to resolve a large number of bugs, as well as the following CVEs:

  • CVE-2021-2341
  • CVE-2021-2369
  • CVE-2021-2388

libarchive 3.5.2

Updated the libarchive library from 3.5.1 to 3.5.2 to improve archive handling and resolve security vulnerabilities in libarchive's handling of symbolic links.

You can download binaries directly from downloads.chef.io