Are there any plans to release chef-server with CVE-2016-2107 fixes? Public api seems to be still vulnerable (at least according to this test):
$ CVE-2016-2107 api.chef.io
2016/05/06 10:48:14 Vulnerable: trueAre there any plans to release chef-server with CVE-2016-2107 fixes? Public api seems to be still vulnerable (at least according to this test):
$ CVE-2016-2107 api.chef.io
2016/05/06 10:48:14 Vulnerable: true