London Technology Week sweeps through the city June 16-20 and Chef is getting in on the fun with a tasty dinner event on June 18. From 6-9 pm Greenwich Time, join our European Chef team – Justin Arbuckle, Andy Hawkins, John Fitzpatrick, and Andrew Gough – at Curry Leaf East, 20 City Road in London.

Ohai Chefs, We have just released Chef Client versions 11.12.8-2 and 10.32.2-3 which includes the mitigation for the recently reported OpenSSL vulnerability CVE-2014-0224. Note that after installing these builds, if you check the OpenSSL version using `OpenSSL::OPENSSL_VERSION` you will see `OpenSSL 1.0.0k 5 Feb 2013`.

Today we joined our friends at Docker for their user conference – DockerCon 2014. There’s a ton going on at the show today and tomorrow, including Docker announcing its first production-ready version, Docker 1.0. Of course, your friendly Chefs are out in force at the show, so please stop by our booth for a chat.

Ohai Chefs, Today we are releasing Chef Client 11.12.8 & 10.32.2-2 which include an updated version of OpenSSL that patches CVE-2014-0224. All installs of Chef Client should be upgraded immediately. This bug permits an attacker to execute an undetectable MITM attack on an otherwise secure connection.

On Thursday June 5th at approximately 14:00 UTC, the CHEF engineering team was made aware of OpenSSL CVE-2014-0224. A bug in the OpenSSL framework could permit a MITM attack under certain circumstances using a carefully constructed request. Due to the nature of this vulnerabilty, we recommend that you upgrade your installations immediately.

Open Source Chef Server 11.1.1 is a security release that includes an updated version of OpenSSL that patches CVE-2014-0224. All installs of Open Source Chef should be upgraded immediately. This bug permits an attacker to execute an undetectable MITM attack on an otherwise secure connection.

Enterprise Chef Server 11.1.6 is a security release that includes an updated version of OpenSSL that patches CVE-2014-0224. All installs of Enterprise Chef should be upgraded immediately. This bug permits an attacker to execute an undetectable MITM attack on an otherwise secure connection.

Enterprise Chef Server 1.4.11 is a security release that includes an updated version of OpenSSL that patches CVE-2014-0224. All installs of Enterprise Chef should be upgraded immediately. This bug permits an attacker to execute an undetectable MITM attack on an otherwise secure connection.

The Chef Community delivers yet again. John Ewart, a system architect, software developer, and lecturer based in California, recently published, “Managing Windows Servers with Chef” which can be purchased here.