Chef Developers

[chef-dev] Re: Plan for CHEF-5358 Upgrade OpenSSL to 1.0.1h


Chronological Thread 
  • From: Hui Hu < >
  • To: Noah Kantrowitz < >
  • Cc:
  • Subject: [chef-dev] Re: Plan for CHEF-5358 Upgrade OpenSSL to 1.0.1h
  • Date: Fri, 6 Jun 2014 15:30:30 +0800
Hi Stephen, Noah, 

Thanks a lot. So chef-11.12.4-1.el6.x86_64.rpm and chef-server-11.1.1-1.el5.x86_64.rpm contains the latest openssl 1.0.1h ?

Thanks
Jesse Hu,  Project Serengeti


2014-06-06 14:49 GMT+08:00 Noah Kantrowitz < " target="_blank"> >:
Yes, a status message was posted earlier today on twitter/tumblr. Releases are in-progress but AFAIK no ETA is available. Disclaimer: I don't work for Opscode.

--Noah

On Jun 5, 2014, at 11:41 PM, Hui Hu < "> > wrote:

> Hello,
>
> is there a plan for fix CHEF-5358 Upgrade OpenSSL to 1.0.1h to fix the newly announced SSL/TLS MITM vulnerability and deliver a new chef-server release? Do we have an ETA for it ? Our project uses open source chef server and need to use the chef-server with the new openssl 1.0.1h.
>
> Thanks​ in advance.​
> Jesse Hu



Archive powered by MHonArc 2.6.16.

§