We are pleased to announce the release of a new version of the Management Console for Enterprise Chef 11, 1.3.1. Please contact firstname.lastname@example.org for details on obtaining this release.
- Update OpenSSL (CVE-2014-0160)
- Update Rack::SSL (CVE-2014-2538)
- Update libyaml (CVE-2014-2525)
About the OpenSSL Update
OpenSSL was updated to 1.0.1g to address The Heartbleed Bug. Management Console was not directly affected by this bug (it runs behind Enterprise Chef’s Nginx) but we’ve updated the dependency on OpenSSL as a precaution.
When running this release of the Manage Add-on you should also be running at least Enterprise Chef 11.1.3 and have followed the instructions to regenerate your SSL certificates linked here and in the EC 11.1.3 announcement.
- Log exception messages and backtraces
- LDAP system recovery
- Create validation key on starter kit download if none exists
- Allow sign up without creating an organization
- Improve starter kit download error messages
- Separate sign in and sign up pages
- Allow sign up to be disabled (Use the
disable_sign_upconfiguration option. See the docs for more information.)
- Fix regression in 1.3.0 where sign up button could be hidden
- Make it so navigation does not disappear when window is too narrow
- Fix for invalid usernames on password reset
Let us know if you have any questions or concerns,
Nathan Smith, Front End Team Lead