diff options
author | Tim Smith <tsmith84@gmail.com> | 2021-08-27 11:39:39 -0700 |
---|---|---|
committer | Tim Smith <tsmith84@gmail.com> | 2021-08-27 11:40:42 -0700 |
commit | b5cf7fe5680f2381f540a2f787b943bec9bb4aca (patch) | |
tree | 0139503d3ebd0f390768cc7cff8e1b628ad3ec8c | |
parent | aa46bac4ef1382c4b58a059184e2cd818a8dd06b (diff) | |
download | chef-hotfix.tar.gz |
Add 17.4.38 noteshotfix
Signed-off-by: Tim Smith <tsmith@chef.io>
-rw-r--r-- | RELEASE_NOTES.md | 31 |
1 files changed, 30 insertions, 1 deletions
diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md index 9a279dc880..e442e40ebf 100644 --- a/RELEASE_NOTES.md +++ b/RELEASE_NOTES.md @@ -1,6 +1,35 @@ This file holds "in progress" release notes for the current release under development and is intended for consumption by the Chef Documentation team. Please see <https://docs.chef.io/release_notes/> for the official Chef release notes. -## What's New in 17.4 +## What's New in 17.4.38 + +### Bug fixes + +- Resolved a regression introduced in Chef Infra Client 17.4 that would cause HWRP-style resources inheriting from LWRPBase to fail. + +### Enhancements + +- Log output has been improved to better deliniate when the Infra Phase and Compliance Phase start and end. +- Ohai data collection of Amazon EC2 metadata has been improved to collect additional data for some configurations. +- Removed ERROR logs when retrying failed communication with the Chef Infra Server +- The `archive_file` resource has been improved by upgrading the `libarchive` library it uses. + - Support for PWB and v7 binary CPIO formats. + - Support for the deflate algorithm in symbolic link decompression with zip files. + - Various bug fixes when working with CAB, ZIP, 7zip, and RAR files. + +### Security + +#### OpenSSL 1.1.1l + +OpenSSL has been updated from 1.1.1k to 1.1.1l on macOS systems to resolve the following CVEs: + +- [CVE-2021-3711](https://nvd.nist.gov/vuln/detail/CVE-2021-3711) +- [CVE-2021-3712](https://nvd.nist.gov/vuln/detail/CVE-2021-3712) + +#### libarchive 3.5.2 + +The libarchive library which powers the archive_file resource has been updated from 3.5.1 to 3.5.2 to resolve security vulnerabilities in libarchive's handling of symbolic links. + +## What's New in 17.4.25 ### Compliance Phase Improvements |