- From: Marc Paradise <
>
- To:
, Chef Dev <
>, Release Announcements <
>
- Subject: [chef] [release-announce] Security Releases: Chef Server, Enterprise Chef Server, and Analytics
- Date: Fri, 17 Oct 2014 12:50:03 -0700
[Second sending to cover the chef-dev list, omitted from the first.]
Ohai Chefs,
Today we have released updated versions of Chef Server, Enterprise Chef Server, and Analytics in response to the recently announced OpenSSL vulnerabilities and the POODLE SSLv3 attack disclosure.
We recommend that you upgrade your packages as soon as possible, or apply the appropriate mitigation steps from the blog post below:
Note that these steps will protect only against the SSLv3 vulnerability - in order to be protected against the OpenSSL vulnerabilities, upgrade to the latest supported packages for your installation is required.
--
Marc Paradise
Software Engineer - Chef Server
Chef Software, Inc.
Archive powered by MHonArc 2.6.16.