Supermarket 2.3.2 Security Release

Supermarket 2.3.2* is now available. This release contains bug fixes, minor enhancements, and security updates.

Supermarket version 2.3.2 is a recommended update for all users running their own instances of Supermarket. Packages are available in the stable repository. Upgrading to this version can be as simple as a chef-client run on your hosts—if you’ve left the version of Supermarket at the default :latest—or updating your wrapper cookbook’s attributes to [‘supermarket_omnibus’][‘package_version’] = ‘2.3.2’.

The community Supermarket has already been updated.

Security Fixes:

• Upgrade Nokogiri to address a CVE
• Upgrade Rails to address CVEs

Bug Fixes:

• Prevent test suite from calling out to 3rd party services.
• Fix omission of PostgreSQL extension requirement in migrations.
• Fix people and titles disappearing from dashboard on small displays.
• Pin Berkshelf version embedded in omnibus package to prevent net-ssh conflicts.

Enhancements:

• Increase changelog content included in email notifications.
• Increase number of companies contributing displayed on a page.

* Version 2.3.1 was not released because of a problem with conflicting versions of net-ssh discovered during packaging.