Builds of the Open Source Chef Server are ready to download now. They should be available via http://getchef.com/chef/install. I'll be posting a blog post for all the server releases in a just a few minutes. Cheers!--On Wed, Apr 9, 2014 at 1:21 PM, Michael Glenney < " target="_blank"> > wrote:
Let me clarify. RHEL 6 only. 6.4 or .5 and above. RHEL5 is fine
Sent from my iPhoneThat's not the case. RHEL OpenSSL was certainly affected. We received errata and had to patch.
Sent from my iPhoneAt our scrum this morning, our security person said that no RHEL official version of OpenSSL contains the vulnerability. So unless someone compiled it from source code, it should be good.
The bad news is that the latest Fedora installations do have it.
JOHN HASTY
Software as a Service - DevOps
Software Group
Phone: 1-512-804-9968
E-mail: " target="_blank"> <32787972.gif>
2407 S Congress Ave Ste E-350
Austin, TX 78704
United States
<graycol.gif>Tucker ---04/09/2014 11:29:30 AM---Any update on this? The blog has chef client updates but I've yet to see anything on server.
From: Tucker < " target="_blank"> >
To: " " target="_blank"> " < " target="_blank"> >,
Date: 04/09/2014 11:29 AM
Subject: [chef] Re: Re: Chef server & heartbleed
Any update on this? The blog has chef client updates but I've yet to see anything on server.
On Tue, Apr 8, 2014 at 8:15 AM, Adam Jacob < " target="_blank"> > wrote:Cutting releases today. Full announcement soon.
On Apr 8, 2014 8:14 AM, "Daniel Givens" < " target="_blank"> > wrote:
It looks like openssl in the latest Chef server package for Ubuntu (haven’t checked EL) is vulnerable to the Heartbleed[1] exploit. Any word on when an update will be made available?
Thanks!
Daniel
[1] http://heartbleed.com/
--
--tucker
Stephen Delano
Software Development Engineer
Opscode, Inc.
1008 Western Avenue
Suite 601
Seattle, WA 98104
Archive powered by MHonArc 2.6.16.