diff options
author | Tim Smith <tsmith@chef.io> | 2018-07-11 08:16:55 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-07-11 08:16:55 -0700 |
commit | feee4070b49e7581529b789be2731d874fd14edc (patch) | |
tree | 5981064e70e356a695ce2923a9adcf0ea8c3d544 | |
parent | fec928e2d60c7b258d55db20d544e973aeaaeddf (diff) | |
parent | bb039d94e0737aad0721fa582cc36b5fa9b0761f (diff) | |
download | chef-feee4070b49e7581529b789be2731d874fd14edc.tar.gz |
Merge pull request #7453 from chef/backdate_cve
Add CVE we fixed to the 14.2 release notes
-rw-r--r-- | RELEASE_NOTES.md | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md index f1be377c10..dbc44a93f3 100644 --- a/RELEASE_NOTES.md +++ b/RELEASE_NOTES.md @@ -274,6 +274,12 @@ The `ignore_failure` property takes a new argument, `:quiet`, to suppress the er - The sysctl resource correctly handles missing keys when used with `ignore_error` - --recipe-url apparently never worked on Windows. Now it does. +## Security Updates + +### ffi Gem + +- CVE-2018-1000201: DLL loading issue which can be hijacked on Windows OS + # Ohai Release Notes 14.1: ## Configurable DMI Whitelist |