Finalize the 14.4 release notes

Link to the docs site so we don't have enormous release notes

Thank everyone that contributed

Add the openssl security update

Add all the openssl resources we added

Add the battery properties for windows_task

Add the improvement to systemd_unit

Signed-off-by: Tim Smith <tsmith@chef.io>

1 files changed, 65 insertions, 10 deletions

diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md
index a1622e9121..b6c6a2e1f1 100644
--- a/RELEASE_NOTES.md
+++ b/RELEASE_NOTES.md
@@ -1,5 +1,7 @@
 This file holds "in progress" release notes for the current release under development and is intended for consumption by the Chef Documentation team. Please see <https://docs.chef.io/release_notes.html> for the official Chef release notes.
 
+# Chef Client Release Notes 14.4:
+
 ## Knife configuration profile management commands
 
 Several new commands have been added under `knife config` to help manage multiple
@@ -26,26 +28,63 @@ $ knife config list-profiles
 *prod     myuser  ~/.chef/user.pem  https://example.com/organizations/prod
 ```
 
+Thank you [@coderanger](https://github.com/coderanger) for this contribution.
+
 ## New Resources
 
-### Cron_d
+The following new previous resources were added to Chef 14.4. Cookbooks with the same resources will continue to take precedent until the Chef 15.0 release
 
-Use the cron_d resource to manage cron definitions in /etc/cron.d. This is similar to the `cron` resource, but it does not use the monolithic /etc/crontab. file."
+### Cron_d
 
-#### Actions
+Use the cron_d resource to manage cron definitions in /etc/cron.d. This is similar to the `cron` resource, but it does not use the monolithic /etc/crontab. file.
 
-- `create` - Add a cron definition file to /etc/cron.d.
-- `create_if_missing` - Add a cron definition file to /etc/cron.d, but do not update an existing file.
-- `delete` - Remove a cron definition file from /etc/cron.d if it exists.
+See [cron_d](https://docs.chef.io/resource_cron_d.html) resource documentation for full usage.
 
 ### Cron_access
 
 Use the cron_access resource to manage the /etc/cron.allow and /etc/cron.deny files. This resource previously shipped in the `cron` community cookbook and has fully backwards compatibility with the previous `cron_manage` definition in that cookbook.
 
-#### Actions
+See [cron_access](https://docs.chef.io/resource_cron_access.html) resource documentation for full usage.
+
+### openssl_x509_certificate
+
+Use the openssl_x509_certificate resourc to generate signed or self-signed, PEM-formatted x509 certificates. If no existing key is specified, the resource will automatically generate a passwordless key with the certificate. If a CA private key and certificate are provided, the certificate will be signed with them. This resource previously shipped in the `openssl` cookbook as `openssl_x509` and is fully backwards compatible with the legacy resource name.
+
+See [openssl_x509_certificate](https://docs.chef.io/resource_openssl_x509_certificate.html) resource documentation for full usage.
+
+Thank you [@juju482](https://github.com/juju482) for updating this resource so it could be included here.
+
+### openssl_x509_request
+
+Use the openssl_x509_request resource to generate PEM-formatted x509 certificates requests. If no existing key is specified, the resource will automatically generate a passwordless key with the certificate.
+
+See [openssl_x509_request](https://docs.chef.io/resource_openssl_x509_request.html) resource documentation for full usage.
+
+Thank you [@juju482](https://github.com/juju482) for contributing this resource.
+
+### openssl_x509_crl
+
+Use the openssl_x509_crl resource to generate PEM-formatted x509 certificate revocation list (CRL) files.
+
+See [openssl_x509_crl](https://docs.chef.io/resource_openssl_x509_crl.html) resource documentation for full usage.
+
+Thank you [@juju482](https://github.com/juju482) for contributing this resource.
 
-- `allow` - Add the user to the cron.allow file.
-- `deny` - Add the user to the cron.deny file.
+### openssl_ec_private_key
+
+Use the openssl_ec_private_key resource to generate ec private key files. If a valid ec key file can be opened at the specified location, no new file will be created.
+
+See [openssl_ec_private_key](https://docs.chef.io/resource_openssl_ec_private_key.html) resource documentation for full usage.
+
+Thank you [@juju482](https://github.com/juju482) for contributing this resource.
+
+### openssl_ec_public_key
+
+Use the openssl_ec_public_key resource to generate ec public key files given a private key.
+
+See [openssl_ec_public_key](https://docs.chef.io/resource_openssl_ec_public_key.html) resource documentation for full usage.
+
+Thank you [@juju482](https://github.com/juju482) for contributing this resource.
 
 ## Resource improvements
 
@@ -59,16 +98,32 @@ The sysctl resource will now update the on-disk systctl.d file even if the curre
 
 ### windows_task
 
-The windows_task resource now supports setting the task priority of the scheduled task with a new `priority` property.
+The windows_task resource now supports setting the task priority of the scheduled task with a new `priority` property. Additionally windows_task now supports managing the behavior of task execution when a system is on battery using new `disallow_start_if_on_batteries` and `stop_if_going_on_batteries` properties.
 
 ### ifconfig
 
 The ifconfig resource now supports setting the interface's VLAN via a new `vlan` property on RHEL platform_family and setting the interface's gateway via a new `gateway` property on RHEL/Debian platform_family.
 
+Thank you [@tomdoherty](https://github.com/tomdoherty) for this contribution.
+
 ### route
 
 The route resource has been improved to support additional RHEL platform_family systems as well as Amazon Linux.
 
+### systemd_unit
+
+The systemd_unit resource now supports specifying options multiple times in the content hash. Instead of setting the value to a string you can now set it to an array of strings.
+
+Thank you [@dbresson](https://github.com/dbresson) for this contribution.
+
+## Security Updates
+
+### OpenSSL
+
+OpenSSL updated to 1.0.2p to resolve:
+- Client DoS due to large DH parameter ([CVE-2018-0732](https://nvd.nist.gov/vuln/detail/CVE-2018-0732))
+- Cache timing vulnerability in RSA Key Generation ([CVE-2018-0737](https://nvd.nist.gov/vuln/detail/CVE-2018-0737))
+
 # Chef Client Release Notes 14.3:
 
 ## New Preview Resources Concept