[chef-dev] [release-announce] Security Releases: Chef Server, Enterprise Chef Server, and Analytics


Chronological Thread 
  • From: Marc Paradise < >
  • To: , Chef Dev < >, Release Announcements < >
  • Subject: [chef-dev] [release-announce] Security Releases: Chef Server, Enterprise Chef Server, and Analytics
  • Date: Fri, 17 Oct 2014 12:50:03 -0700

[Second sending to cover the chef-dev list, omitted from the first.]

Ohai Chefs, 

Today we have released updated versions of Chef Server, Enterprise Chef Server, and Analytics in response to the recently announced OpenSSL vulnerabilities and  the POODLE SSLv3 attack disclosure. 


We recommend that you upgrade your packages as soon as possible, or apply the appropriate mitigation steps from the blog post below:


Note that these steps will protect only against the SSLv3 vulnerability - in order to be protected against the OpenSSL vulnerabilities, upgrade to the latest supported packages for your installation is required. 

Please reach out to  " target="_blank">  if you have any further questions or concerns.



-- 
Marc Paradise
Software Engineer - Chef Server
Chef Software, Inc.


  • [chef-dev] [release-announce] Security Releases: Chef Server, Enterprise Chef Server, and Analytics, Marc Paradise, 10/17/2014

Archive powered by MHonArc 2.6.16.

§