Nginx version in chef-server (and our security guys!)

dpoulson · April 17, 2019, 11:39am

So, our security guys' automated scans are complaining about the version of nginx that chef-server is using (currently on chef-server 11, but going to upgrade to latest chef 12).

They are wanting at least 1.14.1

Looks like the latest chef-server-core is using 1.11.2

Is there anyway to upgrade the version of nginx in chef-server? Or failing that can anyone give me a reason why this is a none issue so the security guys can put an exception into the scan?

robbkidd · April 17, 2019, 2:27pm

Chef Server v12.19.42 includes a security update to openresty (which includes nginx).

Topic		Replies	Views
Chef Infra Server 14.4.4 Released! Chef Release Announcements	0	1406	May 20, 2021
Chef Infra Server 14.1.0 Released! Chef Release Announcements	0	1527	February 26, 2021
11.18.10 Chef Infra (archive)	1	330	April 30, 2015
Status of the Open Source Chef Server 11.1 Release Chef Infra (archive)	0	280	May 1, 2014
Chef Infra (archive)	4	298	August 2, 2013

Nginx version in chef-server (and our security guys!)

Related topics