Chef Server 12.5.0 is released. It contains several security updates and can be downloaded here.
Several libraries were updated to fix bugs that existed in previous versions.
- Updated to 1.0.1s to mitigate CVE-2016-0800 (aka DROWN).
- Updated to 0.10.35 to mitigate CVE-2013-4450.
- Ruby On Rails
- Updated to 184.108.40.206 to mitigate CVE-2016-2097 and CVE-2016-2098.