[chef] [release-announce] Security Releases: Chef Server, Enterprise Chef Server, and Analytics


Chronological Thread 
  • From: Marc Paradise < >
  • To:
  • Subject: [chef] [release-announce] Security Releases: Chef Server, Enterprise Chef Server, and Analytics
  • Date: Fri, 17 Oct 2014 12:45:06 -0700

Ohai Chefs, 

Today we have released updated versions of Chef Server, Enterprise Chef Server, and Analytics in response to the recently announced OpenSSL vulnerabilities and  the POODLE SSLv3 attack disclosure. 


We recommend that you upgrade your packages as soon as possible, or apply the appropriate mitigation steps from the blog post below:


Note that these steps will protect only against the SSLv3 vulnerability - in order to be protected against the OpenSSL vulnerabilities, upgrade to the latest supported packages for your installation is required. 


-- 
Marc Paradise
Software Engineer - Chef Server
Chef Software, Inc.



Archive powered by MHonArc 2.6.16.

§