Nginx version in chef-server (and our security guys!)


So, our security guys' automated scans are complaining about the version of nginx that chef-server is using (currently on chef-server 11, but going to upgrade to latest chef 12).

They are wanting at least 1.14.1

Looks like the latest chef-server-core is using 1.11.2

Is there anyway to upgrade the version of nginx in chef-server? Or failing that can anyone give me a reason why this is a none issue so the security guys can put an exception into the scan?



Chef Server v12.19.42 includes a security update to openresty (which includes nginx).

1 Like