puzzle_blog

Enterprise Chef 11.1.2 and Private Chef 1.4.8: Security Release

The following item is new for Enterprise Chef 11.1.2 and 1.4.8 and is a change from previous versions.

opscode-webui
Don’t log or email the Rails session or environment from the exception handler. Doing so can cause user-submitted form values like passwords to be logged and emailed to administrators of the Enterprise Chef server when exceptions occur on the Management Console.

Posted in:

Joseph Smith

Chefconf Blog Banner Bottom

Chefconf Blog Banner Sidebar
Survey Blog Banner Sidebar
image_334

FOLLOW @CHEF