We are delighted to announce the availability of version 5.3.0 of Chef Supermarket.
Release date: November 11, 2025
Packaging
- Upgraded Ruby on Rails to version 7.1.5.2 on Fieri engine and Supermarket to remove version skew.
- Updated constraints for Rails, Rack, Nokogiri, PostgreSQL, OpenSSL to ensure reproducible, secure builds.
- Updated Omnibus PostgreSQL definition from 13.18 to 13.22.
- Upgraded OpenSSL from 1.0.2zi to 3.2.4 with FIPS plugin 3.1.2 for FIPS compliance.
- Upgrade OpenResty from 1.21 to 1.27.1.2 (includes Nginx 1.21.4 to 1.27.1) with performance and security improvements.
- Update Ruby gems including Sprockets (4.0.3 to 4.2.2), Faraday (2.3.0 to 2.13.4), and testing frameworks.
Security
-
Upgrade PostgreSQL from 13.18 to 13.22
- CVE-2025-1094
-
Upgraded Ruby on Rails from 7.0.8.7 to 7.1.5.2
- CVE-2025-24293
-
Upgraded Rack from 2.2.8 to 2.2.20
- CVE-2025-61919
- CVE-2025-61770
- CVE-2025-61772
- CVE-2025-61771
- CVE-2025-59830
- CVE-2025-46727
- CVE-2025-27610
-
Upgraded Nokogiri from 1.18.8 to 1.18.9
- CVE-2025-49796
- CVE-2025-49795
- CVE-2025-49794
- CVE-2025-6170
- CVE-2025-6021
-
Upgraded OpenSSL from 1.0.2zi to 3.2.4
-
Upgraded OpenSSL-FIPS from 2.0.16 to 3.1.2
-
Upgraded OpenResty from 1.21 to 1.27.1.2. Includes Nginx upgrade from 1.21.4 to 1.27.1.
Get the Build
You can download binaries directly from chef.io/downloads.