We are delighted to announce the availability of version 0.10.41 of Chef Workstation.
Updated Components
Updated Chef Command Line
This release lays the ground work for massive speed improvements to the chef command. A new native binary chef command will allow us to slowly replace code with significantly faster native code. Stay tuned for more announcements in the coming months.
Chef Infra Client
Chef Infra Client has been updated from 15.3 to 15.4 with updated resources and several significant fixes to knife bootstrap. See the Chef Infra Client 15.4 Release Notes for a complete list of the new and improved functionality.
Chef InSpec
Chef InSpec has been updated from 4.16 to 4.18 with the following changes:
New Features
- We have released our beta Chef InSpec plug-in for HashiCorp Vault. Check it out in our inspec-vault GitHub repo and let us know what you think -- or better yet, start jumping in and contributing with us on it.
- Waivers, our new beta feature, was added to Chef InSpec! Waivers allows you to better manage compliance failures. We would love to hear your feedback on this! See the InSpec Waivers documentation for more details.
Improvements
- The
interfaceresource now has a name property. - Expanded
userresource to include the passwordage, maxbadpasswords, and badpasswordattempts properties with Windows. - The
sys_inforesource now supports ip_address, fqdn, domain, and short options when giving a version of the hostname. - Sped up initial load/response time for all commands by removing pre-leading of resources on invocation of inspec.
- If an error occurs when using the
jsonresource with a command source, you will now get the error message from STDERR returned in the report. - We improved the formatting of the usage help, so what you see when you type
inspec exec --helpshould look better!
Cookstyle
Cookstyle has been updated from 5.6.2 to 5.9.3, which includes 13 new Chef cops, improved detection in existing cops, and improved autocorrection. See the Cookstyle 5.7, 5.8, and 5.9 release notes for additional information on the new cops.
knife-google
knife-google was updated from 3.3.7 to 4.2.0 with support for bootstrapping nodes with Chef Infra Client 15 and adding multiple local SSD interfaces to a new instance.
knife-vsphere
knife-vsphere was updated from 4.0.1 to 4.0.3, which resolves a bug in determining the state of instances.
knife-vcenter
knife-vcenter was updated from 2.0.3 to 2.0.6 to fix vm clone operations.
kitchen-digitalocean
kitchen-digital has been updated from 0.10.4 to 0.10.5 to add Debian-10 and FreeBSD-12 image aliases.
Security Updates
Ruby
Ruby has been updated from 2.6.4 to 2.6.5 in order to resolve the following CVEs:
- CVE-2019-16255: A code injection vulnerability of Shell# and Shell#test
- CVE-2019-16254: HTTP response splitting in WEBrick (Additional fix)
- CVE-2019-15845: A NUL injection vulnerability of File.fnmatch and File.fnmatch?
- CVE-2019-16201: Regular Expression Denial of Service vulnerability of WEBrickâs Digest access authentication
Get the Build
If you are running the experimental application you can download this version from the menu after the app next update check. You can also download binaries directly from downloads.chef.io.
As always, we welcome your feedback and invite you to contact us directly or share your email. Thanks for using Chef Workstation!