Skip to content

Pending Release Notes

Kallol Roy edited this page Aug 22, 2024 · 372 revisions

License Usage

From this version, the Chef Server will collect license usage data from the backend.
This change does not need any manual intervention and will be handled by the product.
Please read more information here

Redis migration

Redis is replaced by KeyDB which will resolve the following CVEs:

  • CVE-2023-41056
  • CVE-2023-45145
  • CVE-2023-41053
  • CVE-2022-24834
  • CVE-2023-36824 This change will not require any configuration change and the service name has been kept unchanged too. Read more about KeyDB here.

OpenJRE

Updated OpenJRE to 11.0.22+7 to resolve the following CVEs.

  • CVE-2024-20918
  • CVE-2024-20921
  • CVE-2024-20919
  • CVE-2024-20926
  • CVE-2024-20945
  • CVE-2024-20952

Openssl

Updated openssl to 1.0.2zi to resolve following CVEs.

  • CVE-2022-0778
  • CVE-2022-1292
  • CVE-2022-2068
  • CVE-2022-4304
  • CVE-2023-0215
  • CVE-2023-0286
  • CVE-2023-0464
  • CVE-2023-0465
  • CVE-2023-0466
  • CVE-2023-3446
  • CVE-2023-3817

nodeJS

Updated node.js to 14.21.3 to resolve following CVEs.

  • CVE-2023-23918
  • CVE-2023-23919
  • CVE-2023-23920
  • CVE-2023-23936
  • CVE-2023-24807

rack

Updated rack to 2.2.6.3 to resolve following CVEs.

  • CVE-2023-27530

RDocs

Updated RDocs to 6.3.4.1 to resolve following CVEs.

  • CVE-2024-27281

rails

Updated rails to 7.0.8.1 to resolve following CVEs.

  • CVE-2024-26143

nokogiri

Updated nokogiri to 1.15.6 to resolve following CVEs.

  • CVE-2024-25062