chef - [chef] [release-announce] Security Releases: Chef Server, Enterprise Chef Server, and Analytics

First login ?
Lost password ?

Subscribers: 1946
Owners
Bryan McLellan
Joshua Timberman
Nathen Harvey
Seth Chisamore
Serdar Sutay

Subscribe
Unsubscribe
Info
Archive

Post

RSS
Shared documents

General discussion about Chef

[chef] [release-announce] Security Releases: Chef Server, Enterprise Chef Server, and Analytics

From: Marc Paradise < >
To:
Subject: [chef] [release-announce] Security Releases: Chef Server, Enterprise Chef Server, and Analytics
Date: Fri, 17 Oct 2014 12:45:06 -0700

Ohai Chefs,

Today we have released updated versions of Chef Server, Enterprise Chef Server, and Analytics in response to the recently announced OpenSSL vulnerabilities and the POODLE SSLv3 attack disclosure.

The full release announcement is here: https://www.getchef.com/blog/2014/10/17/security-release-chef-server-and-analytics-poodle-and-openssl-vulnerabilites/

We recommend that you upgrade your packages as soon as possible, or apply the appropriate mitigation steps from the blog post below:

https://www.getchef.com/blog/2014/10/14/security-response-ssl-poodle-attack-and-mitigation/

Note that these steps will protect only against the SSLv3 vulnerability - in order to be protected against the OpenSSL vulnerabilities, upgrade to the latest supported packages for your installation is required.

Please reach out to " target="_blank" style="font-family:arial,sans-serif;font-size:13px"> if you have any further questions or concerns.

--
Marc Paradise
Software Engineer - Chef Server

Chef Software, Inc.

[chef] [release-announce] Security Releases: Chef Server, Enterprise Chef Server, and Analytics, Marc Paradise, 10/17/2014
- <Possible follow-up(s)>
- [chef] [release-announce] Security Releases: Chef Server, Enterprise Chef Server, and Analytics, Marc Paradise, 10/17/2014