ChefDK 3.11.3 is now available for download. This release includes the latest Chef Client, updated Test Kitchen / Kitchen-dokken, and security updates for curl.
Chef Infra Client 14.13.11
Chef Infra Client has been updated to 14.13.11 with resource improvements and bug fixes. See the Release Notes for a detailed list of changes.
Test Kitchen 1.25
Test Kitchen has been updated to 1.25 with backports of many non-breaking Test Kitchen 2.0 features:
- Support for accepting the Chef 15 license in Test Kitchen runs. See Accepting the Chef License for usage details.
- A new
--fail-fastcommand line flag for use with the
concurencyflag. With this flag set, Test Kitchen will immediatly fail when any converge fails instead of continuing to test additional instances.
policyfile_pathconfig option now accepts relative paths.
- A new
berksfile_pathconfig option allows specifying Berkshelf files in non-standard locations.
- Retries are now honored when using SSH proxies
- The Chef Docker image is now pulled by default so that locally cached
curentcontainer versions will be compared to those available on DockerHub. See the readme for instructions on reverting to the previous behavior.
- User namespace mode can be disabled when running privileged containers with a new
userns_hostconfig option. See the readme for details.
- You can now disable pulling the platform Docker images for local platform image testing or air gapped testing. See the readme for details.
Other Updated Components
- openssl 1.0.2r -> 1.0.2s (bugfix only release)
- cacerts 2019-01-23 -> 2019-05-15
- CVE-2019-5435: Integer overflows in curl_url_set
- CVE-2019-5436: tftp: use the current blksize for recvfrom()
- CVE-2018-16890: NTLM type-2 out-of-bounds buffer read
- CVE-2019-3822: NTLMv2 type-3 header stack buffer overflow
- CVE-2019-3823: SMTP end-of-response out-of-bounds read