Latest Stories
Chef as a Community
Hi! This is a long blog post, but it has a few important action items at its conclusion. If you care about the evolution of the Chef Community, or are considering going to the Community Summit, you should totally read it.
Visit the new Learn Chef website today!
Today we launched the refreshed Learn Chef website. Based on your feedback, we wanted to: Provide a safe learning environment that’s easy to experiment in. Introduce the concepts gradually & provide hands-on experience along the way. Provide a streamlined experience that’s tailored to the server environment you care about most.
Chef & Rails CVE-2014-3482
At 17:11 UTC, the Rails security team publicized CVE-2014-3482 and CVE-2014-3483. In short, this vulnerability is related to the PostgreSQL adapater in ActiveRecord. A bug in the SQL quoting code could allow an attacker to carefully craft a request and execute a SQL injection.
Highlights from Velocity 2014
We had a ton of fun at Velocity last week! Thank you to all those who stopped by our booth, our hack, our sessions, or stopped us in the hallway for a chat. And thank you to the whole O’Reilly team for putting on another delightful conference.
Omnibus, a look forward
Over the last few weeks, we have announced some exciting new improvements to the way Chef Software operates in the open source world. We announced the improved Contributor License Agreement process, the soft opening of Supermarket, and updates to the way we triage Chef products.
#ChefTalks: “Realities of Empowerment” w/ Jez Humble and Rachel Chalmers
Another new video in our continuing series of #ChefTalks, with Jez and Rachel discussing the myths of failure within organizations, the challenges to real empowerment, and the importance of safety. “People have to understand that failure and success is not a performance issue of an individual, it’s characteristic of the system.
Security Vulnerability Releases of Chef Server
Hello, Today we are releasing new versions of Enterprise Chef Server and Open Source Chef Server to address a PostgreSQL configuration vulnerability error. The defect allows any local user on the system hosting the Chef Server’s PostgreSQL components full access to databases.
Chef Server 11.1.3 Security Release
Enterprise Chef Server 11.1.3 is a security release to address a PostgreSQL configuration error. The defect allows any local user on the system hosting the Chef Server’s PostgreSQL components full access to databases. We advise all Chef Server users to update to this latest release which corrects the error.
Enterprise Chef Server 1.4.13 Release
Enterprise Chef Server 1.4.3 is a security release to address a PostgreSQL configuration error. The defect allows any local user on the system hosting the Chef Server’s PostgreSQL components full access to databases. We advise all Chef Server users to update to this latest release which corrects the error.