Today we released Chef Supermarket 3.4.8 with important updates for external PostgreSQL as well as Security updates. You can download this new release at downloads.chef.io.
Supermarket has been updated to support using external PostgreSQL releases version 9.6 and later allowing you to use up-to-date external PostgreSQL services such as Amazon RDS.
The activerecord gem has been updated from 220.127.116.11 to 18.104.22.168 to resolve CVE-2021-22880.
The redcarpet gem has been updated from 3.4.0 to 3.5.1 to resolve GHSA-q3wr-qw3g-3p4h
The nokogiri gem has been updated from 1.10.10 to 1.11.1 to resolve CVE-2020-26247
The bundled OpenSSL library has been updated from 1.0.2u to 1.0.2y to resolve the following CVEs:
The embedded curl CLI has been updated from 7.71.1 to 7.75.0 to resolve the following CVEs: