Habitat 1.6.56 Released!

We are happy to announce the release of Habitat 1.6.56!

1.6.56 addresses a security regression (#7747) where the Supervisor’s control gateway server does not correctly validate the secret of client requests. This allowed clients with access to the Supervisor’s control gateway port to issue commands without having the correct control gateway secret. This regression was introduced in version 1.5.0 of the Supervisor.

This release also adds arguments for setting the period of Supervisor and service update checks with the --auto-update-period and --service-update-period arguments respectively.

1.6.56 (2020-06-18)

Full Changelog

Bug Fixes

• CtlGateway handshake fix #7755 (davidMcneil)

• read hook stdout/err allowing for lossy utf8 strings #7724 (mwrock)

New Features & Enhancements

• Use the cli.toml auth_token during package install #7735 (davidMcneil)

• allow hook extentions in plan #7740 (mwrock)

Merged Pull Requests

• [CI] Bump timeout to 45 minutes #7757 (christophermaier)

• [REFACTOR] Store service spec in Service struct #7752 (christophermaier)

• Restore and deprecate update period env vars #7756 (davidMcneil)

• Improve serde usage #7732 (davidMcneil)

• fix e2e failures #7742 (mwrock)

• Supervisor update config #7733 (davidMcneil)

• use powershell 7.0.1 #7730 (mwrock)

• Update rust to 1.43.1 #7728 (davidMcneil)

• Remove libarchive and Vendor openssl #7710 (davidMcneil)

• Fix typos and refresh in cli help #7718 (jsirex)

• [CI] Re-enable skipped verify builds affected by core-plans refresh #7649 (christophermaier)

• Rustfmt and Nightly Rust Bump to nightly-2020-05-15 #7713 (chef-expeditor[bot])

• Cargo Update #7715 (chef-expeditor[bot])

• Automated update of Habitat Documentation #7714 (chef-expeditor[bot])

• Update Changelog #7716 (christophermaier)