We are delighted to announce the availability of version 14.9.23 of Chef Infra Server.
Bug Fixes
- Resolved deprecation warnings when performing database upgrades.
- Resolved failures to properly detect some external PostgreSQL installs.
Security
OpenSSL 1.0.2za
Updated OpenSSL from 1.0.2y to 1.0.2za in order to resolve CVE-2021-3712.
OpenJDK JRE
Updated OpenJDK JRE used to run Elasticsearch from 11.0.11+9 to 11.0.12+7 to resolve a large number of bugs, as well as the following CVEs:
- CVE-2021-2341
- CVE-2021-2369
- CVE-2021-2388
libarchive 3.5.2
Updated the libarchive library from 3.5.1 to 3.5.2 to improve archive handling and resolve security vulnerabilities in libarchive's handling of symbolic links.
You can download binaries directly from downloads.chef.io