I think everything from 11.0.0 to 11.12.0 is affected.
Not related to this bug, but my understanding is that client software is vulnerable to the heartbleed bug, and can be exploited before the client checks the certificate, so I’d recommend you upgrade if your client makes SSL connections to any HTTPS servers not under your direct control.
On Wednesday, April 9, 2014 at 5:02 PM, Koert Kuipers wrote:
our clients are 11.4.4 (we had issues with versions after that). could this afect 11.4.4?
On Wed, Apr 9, 2014 at 7:56 PM, Daniel DeLeo <email@example.com (mailto:firstname.lastname@example.org)> wrote:
Could be this bug: https://tickets.opscode.com/browse/CHEF-4918
The fix was just released in 11.12.0 (but be sure to upgrade to 11.12.2 which has some important bug fixes).
On Wednesday, April 9, 2014 at 4:52 PM, Koert Kuipers wrote:
i set a normal attribute on a node like this:
but as soon as i do this, after a chef-client run, when i edit the node again the section under “normal” for “cdh4” is filled with all sorts of other attributes that were set at default or override level in recipes and the environment. why do they all end up here? i only want to set this one attribute “myid” at the normal level, i dont want all cdh4 attributes to become sticky at the normal level…
thanks! best, koert