Ohai Chefs!

We’re happy to announce the release of ChefDK v1.6.1!

Release Highlights

This release of ChefDK update the embedded git to 2.14.1 to address CVE-2017-1000117

It was also necessary to bump the ruby version up to 2.3.4 in order to ship this fix.

This also bumps the Chef version from 12.21.2 to 12.21.4 along with patch bumps to several other gem dependencies.

For some reason that CVE doesn’t exist in that database and the link is busted.

RedHat, Debian and Ubuntu all list that CVE though:

https://access.redhat.com/security/cve/cve-2017-1000117

https://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-1000117.html

https://security-tracker.debian.org/tracker/CVE-2017-1000117

¯\(ツ)/¯