-
Notifications
You must be signed in to change notification settings - Fork 116
Pending Release Notes
Chef lets you choose your upgrade journey based on your current version of Chef Automate. You can do all the version upgrades manually.
| Your Current Version | Upgrade To |
|---|---|
| Any version before 20220329091442 | 20220329091442 |
| 20220329091442 | 3.0.x |
| 3.0.49 | 4.x |
See the Chef Automate 4.x upgrade documentation for more information.
- Support for deprecated ciphers on configuration. Check document https://docs.chef.io/automate/configuration/
- Update the wal_sender_timeout and wal_receiver_timeout in HA postgres from 60 to 60000 seconds
- We updated the Chef compliance profiles to version 1.0.0/20251027061057. This includes the new and improved profiles for:
CIS SUSE Linux 15 v2.0.0 Audits
CIS Red Hat Enterprise Linux 10 v1.0.0
CIS Windows Server 2022 v4.0.0
- The issue where Projects selection drop-down would disappear in specific scenarios, has been resolved.
(examples: dependency updates, CVE fixes)
- Update go-viper to fix the following CVEs
CWE-117
- Update nginx to 1.28.0 to resolve the following CVEs
CVE-2024-24989
CVE-2024-24990
CVE-2024-7347
CVE-2024-32760
CVE-2024-35161
CVE-2025-23419
- Update tar-fs from version to 3.1.1 addresses the following CVE:
CVE-2025-59343
- Update from cross-spawn 7.0.3 to 7.0.6 fixes:
CVE-2024-21538
- Update OpenSearch to the Tuxcare OpenSearch 1.3.20.tuxcare.1.0.2 address the following CVEs:
CVE-2025-25193
CVE-2024-47554
CVE-2021-28170
CVE-2025-48924
CVE-2024-38820
CVE-2025-48913
CVE-2024-38819
CVE-2024-38828
CVE-2024-38820
CVE-2025-22233
- Update Postgres 13.22 resolves the following CVEs:
CVE-2025-8714
CVE-2025-8715
CVE-2025-8713
- Update OpenJDK to 17.0.16+8 addresses the following CVEs:
CVE-2025-30749
CVE-2025-30754
CVE-2025-50059
CVE-2025-50106
- Update Angular 19.2.15 addresses the following CVE:
CVE-2025-59052
This release uses:
- Chef Habitat version: 1.6.1243/20241227194506
- Chef Habitat Builder version: 10717/20250805204117
- Chef Infra Server version: 15.10.80
- Chef InSpec version: 5.22.95/20250805133317
This release uses:
- Postgres: 13.22
- OpenSearch: 1.3.20.tuxcare.1.0.2
- Nginx: 1.28.0
- Haproxy: 2.8.15
This release supports the following external chef products:
- Chef Infra Server version: 14.0.58+
- Chef Inspec version: 4.3.2+
- Chef Infra Client: 17.0.242+
- Chef Habitat: 0.81+
This release is built on the following framework versions:
- GoLang: 1.24.4
- OpenJDK: 17.0.16+8
- Angular: 19.2.15
View the package manifest for the latest release.