Ohai Chefs!
We've posted on the blog about the SSL POODLE attack. For now we have
mitigation via configuration for the various Chef Server and related
products, all detailed. We're working to get released packages with the
default configuration updated and will have another post when those are
available.
--
Joshua Timberman, Chef.