We are delighted to announce the availability of version 15.10.83 of Chef Infra Server.
Improvements
- Chef Server supports running in FIPS mode on the Amazon Linux 2 platform.
Updated Components
- Chef gem to 18.8.46
Security
-
Updated OpenSearch to Tuxcare OpenSearch 1.3.20.tuxcare.1.0.2 to address the following CVEs:
- CVE-2025-25193
- CVE-2024-47554
- CVE-2021-28170
- CVE-2025-48924
- CVE-2024-38820
- CVE-2025-48913
- CVE-2024-38819
- CVE-2024-38828
- CVE-2024-38820
- CVE-2025-22233
-
Updated Postgres 13.22.tuxcare.1.0.1 to resolve the following CVEs:
- CVE-2025-8714
- CVE-2025-8715
- CVE-2025-8713
-
Updated OpenJDK to 17.0.16+8 to address the following CVEs:
- CVE-2025-30749
- CVE-2025-30754
- CVE-2025-50059
- CVE-2025-50106
-
Updated rack to 3.2.3 to resolve the following CVEs:
- CVE-2025-61919
- CVE-2025-61780
- CVE-2025-61772
- CVE-2025-61771
- CVE-2025-61770
-
Updated OpenResty to 1.27.1.2 to resolve the following CVEs:
- CVE-2024-39702
- CVE-2025-23419
Service versions
This release uses:
- OpenResty 1.27.1.2
- OpenJRE 17.0.9+9
- PostgreSQL 13.22.tuxcare.1.0.1
- OpenSearch 1.3.20-tuxcare-1.0.2
- Rack 3.2.3
Get the Build
You can download binaries from Chef Software Downloads | Automation, DevOps, Security, DevSecOps | Chef