At 17:11 UTC, the Rails security team publicized CVE-2014-3482 and CVE-2014-3483. In short, this vulnerability is related to the PostgreSQL adapater in ActiveRecord. A bug in the SQL quoting code could allow an attacker to carefully craft a request and execute a SQL injection.

We had a ton of fun at Velocity last week! Thank you to all those who stopped by our booth, our hack, our sessions, or stopped us in the hallway for a chat. And thank you to the whole O’Reilly team for putting on another delightful conference.

Over the last few weeks, we have announced some exciting new improvements to the way Chef Software operates in the open source world. We announced the improved Contributor License Agreement process, the soft opening of Supermarket, and updates to the way we triage Chef products.

Another new video in our continuing series of #ChefTalks, with Jez and Rachel discussing the myths of failure within organizations, the challenges to real empowerment, and the importance of safety. “People have to understand that failure and success is not a performance issue of an individual, it’s characteristic of the system.

Hello, Today we are releasing new versions of Enterprise Chef Server and Open Source Chef Server to address a PostgreSQL configuration vulnerability error. The defect allows any local user on the system hosting the Chef Server’s PostgreSQL components full access to databases.

Enterprise Chef Server 11.1.3 is a security release to address a PostgreSQL configuration error. The defect allows any local user on the system hosting the Chef Server’s PostgreSQL components full access to databases. We advise all Chef Server users to update to this latest release which corrects the error.

Enterprise Chef Server 1.4.3 is a security release to address a PostgreSQL configuration error. The defect allows any local user on the system hosting the Chef Server’s PostgreSQL components full access to databases. We advise all Chef Server users to update to this latest release which corrects the error.

Enterprise Chef Server 11.1.8 is a security release to address a PostgreSQL configuration error. The defect allows any local user on the system hosting the Chef Server’s PostgreSQL components full access to databases. We advise all Chef Server users to update to this latest release which corrects the error.

Today we have another video in our ongoing #ChefTalks video series. Once again, Rachel Chalmers and Jez Humble are providing fresh perspectives and insights into culture, diversity, and change in IT. The below video provides a quick look at culture vs. tools, what DevOps is today, and where it needs to go.