Chef Infra Server 15.10.114 Released!

Chef Release Announcements
1

We are delighted to announce the availability of version 15.10.114 of Chef Infra Server.

Security

  • Updated jwt from 3.1.2 to 3.2.0 in oc-id and chef-server-ctl.
  • Updated addressable from 2.8.7 to 2.9.0 in oc-id and chef-server-ctl.
  • Updated Erlang/OTP from 26.2.2 to 26.2.5.
  • Updated Rack from 3.2.4 to 3.2.6.
  • The /version API endpoint no longer exposes internal library names and version details.

Bug fixes

  • Fixed an incorrect log rotation configuration in the Bifrost service where the request logger was writing to crash.log instead of requests.log. (#4188)
  • Fixed a crash in chef-server-ctl reconfigure that caused a NameError: uninitialized constant Parser::AST::Processor::Mixin when the addressable 2.9.0 security pin was active. (#4195)

Improvements

  • Added a log_rotation_type configuration option to select between rotate and wrap style request logging. Default behavior is unchanged. (#4188)
  • Added support for a local license file check, controlled by the OC_LICENSE_PATH build-time macro. When the macro is unset (the default), Chef Infra Server uses the chef-automate CLI to check the license, which is the previous default behavior. When set to a file path, Chef Infra Server reads the license from that location at runtime. If the file is missing or invalid, a 90-day trial period begins from the time of upgrade. (#4152)

Updated components

  • Chef Infra Client updated from 18.8.46 to 18.10.17.
  • knife updated from 18.8.68 to 19.0.105.
  • knife-ec-backup updated from 3.0.5 to 3.0.8.
  • PostgreSQL client updated from version 13 to 14.
  • Rails updated from 7.1.5.2 to 7.2.3.1 (includes a pending security fix).

Service versions

This release uses:

  • OpenResty 1.29.2.5
  • OpenJRE 17.0.9+9
  • PostgreSQL 13.23.tuxcare.1.0.0
  • OpenSearch 1.3.20-tuxcare-1.0.3
  • Rack 3.2.6
  • Valkey 7.2.11