Chef Infra Server 15.10.12 Released!

We are delighted to announce the availability of version 15.10.12 of Chef Infra Server.

Platform support

Chef Infra Server is no longer supported on the following platforms:

  • Red Hat Enterprise Linux 7
  • CentOS 7

License usage

We now collect aggregated and anonymized usage data to understand the Chef Infra Server adoption curve, operating systems that Infra Server runs on, deployed versions of Infra Server, and deployment patterns.
We have ensured that the collected data protects the end user while providing meaningful usage insights.
For more information, see the Chef Infra Server License Usage documentation.

Dependency updates

Redis to KeyDB migration

We replaced Redis with KeyDB to resolve the following CVEs:

  • CVE-2023-41056
  • CVE-2023-45145
  • CVE-2023-41053
  • CVE-2022-24834
  • CVE-2023-36824

This change doesn't require any configuration change and the service name has been kept unchanged too.
For more information about KeyDB, see the KeyDB documentation.

OpenJRE

Updated OpenJRE to 11.0.22+7 to resolve the following CVEs:

  • CVE-2024-20918
  • CVE-2024-20921
  • CVE-2024-20919
  • CVE-2024-20926
  • CVE-2024-20945
  • CVE-2024-20952

OpenSSL

Updated OpenSSL to 1.0.2zi to resolve the following CVEs:

  • CVE-2022-0778
  • CVE-2022-1292
  • CVE-2022-2068
  • CVE-2022-4304
  • CVE-2023-0215
  • CVE-2023-0286
  • CVE-2023-0464
  • CVE-2023-0465
  • CVE-2023-0466
  • CVE-2023-3446
  • CVE-2023-3817

Node.js

Updated Node.js to 14.21.3 to resolve the following CVEs:

  • CVE-2023-23918
  • CVE-2023-23919
  • CVE-2023-23920
  • CVE-2023-23936
  • CVE-2023-24807

Rack

Updated Rack to 2.2.6.3 to resolve the following CVEs:

  • CVE-2023-27530

RDoc

Updated RDoc to 6.3.4.1 to resolve the following CVEs:

  • CVE-2024-27281

Rails

Updated Rails to 7.0.8.1 to resolve the following CVEs:

  • CVE-2024-26143

Nokogiri

Updated Nokogiri to 1.15.6 to resolve the following CVEs:

  • CVE-2024-25062

Get the Build

You can download binaries from Chef Software Downloads | Automation, DevOps, Security, DevSecOps | Chef