Author:
Steven Danna
Security Releases: Chef Server 12, Enterprise Chef 11, Chef Manage
By Steven Danna
Ohai Chefs! Today we have releases of Chef Server 12.1.0, Enterprise Chef Server 11.3.2, and Chef Manage 1.17.0 which contain the following security updates: Redis 2.8.21 This update addresses CVE-2015-4335, a remote code execution vulnerability in Redis.
Read moreChef Server 12.1 Release Announcement
By Steven Danna
Ohai Chefs! I’m pleased to announce that Chef Server 12.1.0 is now available for download on the Chef Downloads Page and via our Apt and RPM repositories. Here are some of this release’s highlights: * Significant performance improvements. * Policyfile APIs are significantly more complete and are enabled by default.
Read morePublic Wiki and Ticketing Sites Back Online
By Steven Danna
We’ve brought the Opscode wiki and ticketing systems back online after working closely with our vendor to resolve the issue that led to the security breach. Out of caution, we’ve restored the data in both of these systems from a backup taken on 30 July 2013.
Read moreSecurity Breach: User information for tickets.opscode.com and wiki.opscode.com compromised.
By Steven Danna
What Happened? A vulnerability in the third-party software that runs our Open Source Chef wiki and ticketing system was exploited to gain access to that particular system. While on this system, the attacker gained escalated privileges and downloaded the user database for the wiki and ticketing system. What information was exposed?
Read more