Latest Stories
ChefDK 0.3.2 Released!
Hi Chefs, We've released ChefDK 0.3.2. This release fixes a handful of issues with the SSL configuration in ChefDK. Most importantly, we've rolled back the version of the CA Certificate bundle included in ChefDK.
Working with Chef Behind Your Firewall
A self-contained Chef-managed infrastructure has never been easier to configure. The omnibus installers include all the software Chef needs to run on your clients. With a few knife configuration substitutions, or custom bootstrap templates, you are completely in charge of how and where your nodes obtain their chef-client software.
Serving up delight at the Chef Community Summits
This month we’ve held two Chef Community Summits and it’s been a real delight watching the community gather and discuss most important topics. We held a Chef Community Summit in Seattle at the beginning of October and another in London last week. Both Summits were facilitated Open Space events.
Security Release: Chef Server and Analytics (POODLE and OpenSSL Vulnerabilites)
Today we are announcing security releases of all supported versions of Chef Server, Enterprise Chef, and Chef Analytics. These releases address two separate issues: * POODLE SSLv3 attack, which allows allow a remote attacker to extract plaintext of targeted data within an SSL connection * CVE-2014-3513 and CVE-2014-3567, which expose a potential DoS attack vector.
Security Response: SSL POODLE attack and mitigation
_Update: 2014-10-17: We have released an update of Chef Server products and Analytics to address the POODLE attack as well as other recently announced vulnerabilites._ A new attack on SSL 3.0 has been announced. This attack is fully detailed in this document.
Webinar: The Lean Enterprise with Jez Humble
We’re excited to announce that our own Jez Humble will be hosting a webinar on The Lean Enterprise on November 14th. Register here, or via the embed below.
Azure & Chef, Episode 3
Don’t Get Spooked by LAMP on Azure! On Wednesday, October 29th at 12:00pm CST, we are joining 10th Magnitude for a special Halloween episode in our Azure + Chef = Awesome Series. We’ll show you why Linux is a first class workload in Microsoft Azure.
Chef Client Release: 11.16.4
Ohai Chefs, Today we’ve made a new patch release for Chef Client: 11.16.4. This release includes security fixes and a few major bug fixes. Here is the list of changes included in this release: * Windows omnibus installer security updates for redistributed bash.exe / sh.exe vulnerabilities (“Shellshock”) CVE-2014-6271, CVE-2014-6278, CVE-2014-7186, CVE-2014-7187.
Crossing the Pond: Chef Summit London 2014
Next week is an exciting week for Chef as we kickoff our first Chef Summit in London. If you’ve never attended a Chef Summit in the past, it’s an opportunity for our folks to meet with members of the Chef community to talk about all sorts of things.