Today we shipped a new bug fix / security release for ChefDK with a few new features as an added bonus.
Chef Infra Client 14.14.29
Chef Infra Client has been updated to 14.14.29 with the following bug fixes:
- Fixed an error with the
systemd_unitresources which would try to re-enable services with an indirect status.
systemd_unitresource now logs at the info level.
- Fixed knife config when it returned a
TypeError: no implicit conversion of nil into Stringerror.
kitchen-digitalocean has been updated to 0.10.5 which adds new image aliases for Debian-10 and FreeBSD-12.
kitchen-dokken has been updated to 2.8.0. This will make the
TEST_KITCHEN environmental variables match the behavior of
libxslt has been updated to 1.1.34 to resolve CVE-2019-13118.
Ruby has been updated from 2.5.6 to 2.5.7 in order to resolve the following CVEs:
- CVE-2019-16255: A code injection vulnerability of Shell# and Shell#test
- CVE-2019-16254: HTTP response splitting in WEBrick (Additional fix)
- CVE-2019-15845: A NUL injection vulnerability of File.fnmatch and File.fnmatch?
- CVE-2019-16201: Regular Expression Denial of Service vulnerability of WEBrick’s Digest access authentication