Recently, Chef became aware of a security vulnerability in the version of libyaml we were using. We were nearing release for several of our products, and took the opportunity to do a sweep of some others.
The following releases are all live at this time, and while we are unaware of any scenarios by which your Chef environments may become compromised by the issues that these releases address, we urge you to upgrade to the appropriate versions at your earliest opportunity.
Please note that these releases do include other changes, which are detailed at the linked blog posts. Please contact support if you have any questions or concerns, and thanks for using Chef!
Enterprise Chef 11.1.1
Enterprise Chef 11.1.1 release blog post
Management Console 1.1.1
Management Console 1.1.1 release blog post
Push Jobs Client 1.0.1
Push Jobs Server 1.1.0
Push Jobs client and server release blog post
Reporting 1.1.0 release blog post
Chef Client 11.10.2
Chef Client 10.30.4
Chef Client release blog post
Chef Server 11.0.11
Chef Server 11.0.11 security release blog post
Enterprise Chef 1.4.7
Private Chef 1.4.7 release blog post