If you are not sure if the website you would like to visit is secure, you can verify it here. Enter the website address of the page and see parts of its content and the thumbnail images on this site. None (if any) dangerous scripts on the referenced page will be executed. Additionally, if the selected site contains subpages, you can verify it (review) in batches containing 5 pages.
favicon.ico: docs.chef.io/release_notes/backend - Chef Backend release notes.

site address: docs.chef.io/release_notes/backend redirected to: docs.chef.io/release_notes/backend

site title: Chef Backend release notes

Our opinion (on Sunday 05 July 2026 15:09:35 UTC):

GREEN status (no comments) - no comments
After content analysis of this website we propose the following hashtags:


page from cache: 4 hours ago
Meta tags:
description=Chef Backend release notes;

Headings (most frequently used words):

chef, backend, fixes, enhancements, bug, security, elasticsearch, ruby, component, updates, openjdk, 14, platforms, health, infra, client, status, 16, packaging, improvements, 11, 13, postgresql, 25, improve, epmd, on, release, notes, 30, upgrading, upgrades, fix, 23, newly, supported, deprecated, rpm, package, digests, log4j, mitigation, openssl, 2zb, checker, ionice, configuration, options, leader, endpoint, caching, 15, 12, 22, increased, memory, allocation, erlang, 18, etcd, 19, new, deprecations, backup, timeout, control, cluster, temporary, files, ssl, ciphers, improved, checking, for, demoted, leaders, fails, certain, ipv6, configurations, java, 8u144, update, minimum_master_nodes, node, removal, include, disk, in, checks, and, output, robustness, regarding,

Text of the page (most frequently used words):
chef (235), the (108), cve (101), #backend (84), and (62), infra (47), overview (46), elasticsearch (39), for (38), version (37), from (35), server (34), postgresql (33), upgrade (33), fixes (32), install (32), automate (31), 2021 (30), builder (30), security (28), with (28), deployment (28), node (27), this (26), bug (24), enhancements (24), that (24), aws (24), client (23), cluster (23), configure (23), ruby (22), about (22), updated (21), habitat (20), health (19), etcd (19), configuration (19), packages (19), backup (18), ctl (18), users (18), supermarket (18), status (17), now (17), 2020 (17), new (16), leader (16), manage (16), api (16), prem (16), improve (14), following (14), leaderl (14), nodes (14), management (14), 2022 (14), reference (14), config (14), are (13), platforms (13), release (13), community (13), recovery (13), restore (13), settings (13), managed (13), resolve (13), 2019 (13), license (13), updates (12), openjdk (12), started (12), cves (12), 2017 (12), workstation (12), 360 (12), supported (11), create (11), set (11), system (11), 2018 (11), platform (11), all (10), epmd (10), disk (10), using (10), data (10), compliance (10), effortless (10), saas (10), opensearch (10), database (10), update (9), component (9), upgrades (9), package (9), you (9), which (9), cloud (9), service (9), guide (9), certificates (9), requirements (9), ssl (8), files (8), erlang (8), improvements (8), upgrading (8), your (8), can (8), fail (8), performance (8), resources (8), prerequisites (8), origin (8), disaster (8), desktop (8), iam (8), use (7), improved (7), timeout (7), deprecations (7), endpoint (7), log4j (7), notes (7), feedback (7), support (7), because (7), number (7), start (7), defaults (7), log (7), services (7), page (6), policy (6), licensing (6), checks (6), fix (6), leaders (6), packaging (6), memory (6), ionice (6), options (6), when (6), remove (6), cases (6), where (6), some (6), would (6), during (6), these (6), will (6), health_check (6), longer (6), user (6), default (6), failures (6), available (6), cookbooks (6), audit (6), migrate (6), inspec (6), style (6), cookstyle (6), troubleshooting (6), logs (6), get (6), integrations (6), dashboard (6), applications (6), certificate (6), add (6), enterprise (6), progress (5), used (5), see (5), terms (5), ciphers (5), checker (5), failover (5), directory (5), key (5), check (5), local (5), option (5), space (5), change (5), amazon (5), organizations (5), certain (4), trademarks (4), its (4), other (4), not (4), include (4), output (4), java (4), 8u144 (4), configurations (4), demoted (4), temporary (4), openssl (4), 2zb (4), rpm (4), deprecated (4), still (4), don (4), added (4), report (4), after (4), event (4), process (4), have (4), reduce (4), flags (4), instead (4), seconds (4), command (4), more (4), bugs (4), large (4), file (4), rolling (4), better (4), send (4), downloads (4), uninstall (4), groups (4), roles (4), saml (4), ldap (4), resource (4), packs (4), profiles (4), download (4), apis (4), monitor (4), private (4), quick (4), cops (4), firewalls (4), ports (4), authentication (4), authorization (4), high (4), availability (4), core (4), origins (4), profile (4), minio (4), single (4), cookbook (4), application (4), enrollment (4), setup (4), infrastructure (4), getting (4), migration (4), courier (4), tokens (4), jobs (4), app (4), integration (4), external (4), a2ha (4), premises (4), edition (4), product (3), names (3), robustness (3), regarding (3), minimum_master_nodes (3), removal (3), fails (3), ipv6 (3), checking (3), control (3), increased (3), allocation (3), caching (3), mitigation (3), digests (3), newly (3), table (3), contents (3), existing (3), only (3), follower (3), promote (3), promoting (3), failing (3), customer (3), installation (3), configurable (3), bumped (3), issues (3), fixed (3), multiple (3), information (3), back (3), our (3), documentation (3), has (3), machine (3), failure (3), non (3), downtime (3), list (3), embedded (3), tmp (3), isn (3), reports (3), removed (3), versions (3), clients (3), main (3), formatting (3), run (3), frontend (3), example (3), legacy (3), enhance (3), verify (3), scan (3), active (3), account (3), content (3), herein (2), software (2), corporation (2), one (2), subsidiaries (2), affiliates (2), rights (2), reserved (2), their (2), respective (2), owners (2), 2026 (2), modified (2), how (2), contact (2), was (2), test (2), specified (2), connections (2), while (2), ensured (2), stability (2), election (2), down (2), but (2), state (2), follow (2), shouldn (2), avoids (2), followers (2), replication (2), manually (2), overrides (2), respected (2), please (2), prefer (2), milliseconds (2), election_timeout (2), heartbeat_interval (2), changed (2), shmmax (2), required (2), allows (2), procedure (2), pgsql (2), force (2), times (2), before (2), upgraded (2), falls (2), recommend (2), reduced (2), appear (2), previously (2), port (2), mapper (2), daemon (2), empd (2), first (2), under (2), related (2), below (2), value (2), fatal (2), issue (2), removing (2), address (2), build (2), should (2), resume (2), leadership (2), requires (2), full (2), major (2), configures (2), sles (2), ubuntu (2), rhel (2), reliability (2), allocated (2), 32gb (2), running (2), join (2), timeouts (2), values (2), linux (2), class (2), 44228 (2), vulnerable (2), produce (2), time (2), require (2), later (2), doesn (2), resolves (2), elastic (2), many (2), bmp (2), verification (2), string (2), github (2), environments (2), bags (2), console (2), azure (2), remediation (2), share (2), what (2), scaffolding (2), variables (2), pattern (2), attributehelper (2), attributedefault (2), useplatformhelpers (2), unnecessaryplatformcasestatement (2), unnecessaryoscheck (2), trueclassfalseclassresourceproperties (2), simplifyplatformmajorversioncheck (2), overlycomplexsupportsdependsmetadata (2), negatingonlyif (2), includerecipewithparentheses (2), immediatenotificationtiming (2), filemode (2), defaultcopyrightcomments (2), copyrightcommentformat (2), commentsentencespacing (2), commentformat (2), chefwhaaat (2), attributekeys (2), invalidlicensestring (2), insecurecookbookurl (2), includeresourceexamples (2), includeresourcedescriptions (2), includepropertydescriptions (2), emptymetadatafield (2), defaultmetadatamaintainer (2), sharing (2), sshprivatekey (2), unlessdefinedrequire (2), requirenethttps (2), legacypowershelloutmethods (2), gemspecrequirerubygems (2), gemspeclicense (2), usecreateifmissing (2), unnecessarynameproperty (2), unnecessarydesiredstate (2), suggestsmetadata (2), stringpropertywithnildefault (2), sensitivepropertyinresource (2), resourcewithnothingaction (2), replacesmetadata (2), recipemetadata (2), providesmetadata (2), propertywithrequiredanddefault (2), propertysplatregex (2), ohaiattributetostring (2), namepropertyisrequired (2), multipleplatformchecks (2), longdescriptionmetadata (2), groupingmetadata (2), doublecompiletime (2), customresourcewithallowedactions (2), conflictsmetadata (2), attributemetadata (2), aptrepositorynotifiesaptupdate (2), aptrepositorydistributiondefault (2), redundantcode (2), zipfileresource (2), windowszipfileusage (2), windowsscresource (2), windowsregistryuac (2), whyrunsupportedtrue (2), useszypperrepo (2), userequirerelative (2), usemultipackageinstalls (2), usecheflanguagesystemdhelper (2), usecheflanguageenvhelpers (2), usecheflanguagecloudhelpers (2), usebuildessentialresource (2), unnecessarymixlibshelloutrequire (2), unnecessarydependschef15 (2), unnecessarydependschef14 (2), sysctlparamresource (2), simplifyaptppasetup (2), shellouttochocolatey (2), shellouthelper (2), sevenziparchiveresource (2), setorreturninresources (2), respondtoresourcename (2), respondtoprovides (2), respondtoinmetadata (2), respondtocompiletime (2), resourcenamefrominitialize (2), resourceforcingcompiletime (2), providesfrominitialize (2), propertywithnameattribute (2), powershellscriptexpandarchive (2), powershellinstallwindowsfeature (2), powershellinstallpackage (2), powershellguardinterpreter (2), osxconfigprofileresource (2), opensslx509resource (2), opensslrsakeyresource (2), noderolesinclude (2), nodeinitpackage (2), minitesthandlerusage (2), macosxuserdefaults (2), libarchivefileresource (2), legacyberksfilesource (2), includingwindowsdefaultrecipe (2), includingohaidefaultrecipe (2), includingmixinshelloutinresources (2), includingaptdefaultrecipe (2), ifprovidesdefaultaction (2), foodcriticcomments (2), executetzutil (2), executesysctl (2), executesleep (2), executescexe (2), executeaptupdate (2), emptyresourceinitializemethod (2), dslincludeinresource (2), dependsonzyppercookbook (2), dependsonwindowsfirewallcookbook (2), dependsontimezonelwrpcookbook (2), dependsonopensslcookbook (2), dependsonlocalecookbook (2), dependsonkernelmodulecookbook (2), dependsonchocolateycookbooks (2), dependsonchefvaultcookbook (2), definitions (2), defineschefspecmatchers (2), defaultactionfrominitialize (2), declareactionclass (2), databaghelpers (2), customresourcewithattributes (2), cronmanageresource (2), crondfileortemplate (2), conditionalusingtest (2), classevalactionclass (2), chefgemnokogiri (2), allowedactionsfrominitialize (2), actionmethodinresource (2), modernize (2), searchforenvironmentsorroles (2), dependschefvault (2), cookbookusessearch (2), cookbookusesroles (2), cookbookusespolicygroups (2), cookbookusesenvironments (2), cookbookusesdatabags (2), chefvaultused (2), berksfile (2), windowsversionhelpers (2), windowstaskchangeaction (2), windowspackageinstallertypestring (2), windowsfeatureservermanagercmd (2), verifypropertyusesfileexpansion (2), useyamldump (2), usesruncommandhelper (2), usesdeprecatedmixins (2), useschefresthelpers (2), userdeprecatedsupportsproperty (2), useinlineresourcesdefined (2), useautomaticresourcename (2), searchusespositionalparameters (2), rubyblockcreateaction (2), ruby27keywordargumentwarnings (2), resourcewithoutunifiedtrue (2), resourceusesupdatedmethod (2), resourceusesproviderbasemethod (2), resourceusesonlyresourcename (2), resourceusesdslnamemethod (2), resourceoverridesprovidesmethod (2), resourceinheritsfromcompatresource (2), requirerecipe (2), powershellcookbookhelpers (2), policyfilecommunitysource (2), poisearchiveusage (2), partialsearchhelperusage (2), partialsearchclassusage (2), nodesetwithoutlevel (2), nodesetunless (2), nodeset (2), nodemethodsinsteadofattributes (2), nodedeepfetch (2), namepropertywithdefaultvalue (2), macosuserdefaultsglobalproperty (2), logresourcenotifications (2), localedeprecatedlcallproperty (2), librarianchefspec (2), legacyyumcookbookrecipes (2), legacynotifysyntax (2), launchddeprecatedhashproperty (2), includingyumdnfcompatrecipe (2), includingxmlrubyrecipe (2), hwrpwithoutunifiedtrue (2), hwrpwithoutprovides (2), foodcritictesting (2), foodcriticfile (2), executerelativecreateswithoutcwd (2), executepathproperty (2), erlcallresource (2), epicfail (2), eolauditmodeusage (2), easyinstallresource (2), deprecatedyumrepositoryproperties (2), deprecatedyumrepositoryactions (2), deprecatedwindowsversioncheck (2), deprecatedsudoactions (2), deprecatedshelloutmethods (2), deprecatedplatformmethods (2), deprecatedchefspecplatform (2), dependsonomnibusupdatercookbook (2), dependsonchefreportingcookbook (2), dependsonchefnginxcookbook (2), delivery (2), cookbooksdependsonself (2), cookbookdependsonpoise (2), cookbookdependsonpartialsearch (2), cookbookdependsoncompatresource (2), chocolateypackageuninstallaction (2), chefwindowsplatformhelper (2), chefsugarhelpers (2), chefspeclegacyrunner (2), chefspeccoveragereport (2), chefshellout (2), chefrewind (2), chefhandlerusessupports (2), chefhandlerrecipe (2), cheffile (2), chefdkgenerators (2), tmppath (2), supportsmustbefloat (2), serviceresource (2), scopedfileexist (2), resourcewithnoneaction (2), resourcesetsnameproperty (2), resourcesetsinternalproperties (2), propertywithouttype (2), powershellscriptdeletefile (2), powershellfileexists (2), opensslpasswordhelpers (2), octalmodeasstring (2), notifiesactionnotsymbol (2), nodenormalunless (2), nodenormal (2), metadatamissingversion (2), metadatamissingname (2), metadatamalformeddepends (2), malformedplatformvalueforplatformhelper (2), macosuserdefaultsinvalidtype (2), lazyinresourceguard (2), lazyevalnodeattributedefaults (2), invalidversionmetadata (2), invalidplatformvalueforplatformhelper (2), invalidplatformvalueforplatformfamilyhelper (2), invalidplatformmetadata (2), invalidplatformincase (2), invalidplatformhelper (2), invalidplatformfamilyincase (2), invalidplatformfamilyhelper (2), invalidnotificationtiming (2), invalidnotificationresource (2), invaliddefaultaction (2), invalidcookbookname (2), incorrectlibraryinjection (2), emptyresourceguard (2), dnfpackageallowdowngrades (2), cookbookusesnodesave (2), conditionalrubyshellout (2), chefapplicationfatal (2), blockguardwithonlystring (2), correctness (2), v25 (2), v26 (2), tuning (2), optional (2), usage (2), tiered (2), airgap (2), capacity (2), planning (2), plan (2), base (2), 2025 (2), refresh (2), strategy (2), bootstrap (2), membership (2), rbac (2), keys (2), rotate (2), certs (2), separate (2), scale (2), artifactory (2), artifact (2), store (2), warm (2), spare (2), env (2), connect (2), windows_update_settings (2), windows_power_management (2), windows_password_policy (2), windows_ie_esc (2), windows_firewall (2), windows_disk_encryption (2), windows_desktop_winrm_settings (2), windows_desktop_screensaver (2), windows_defender_exclusion (2), windows_defender (2), windows_choco_installer (2), windows_automatic_logout (2), windows_app_management (2), windows_admin_control (2), rescue_account (2), macos_power_management (2), macos_password_policy (2), macos_firewall (2), macos_disk_encryption (2), macos_desktop_screensaver (2), macos_automatic_software_updates (2), macos_automatic_logout (2), macos_app_management (2), macos_admin_control (2), windows (2), macos (2), zero (2), touch (2), redirect (2), sso (2), opsworks (2), skills (2), administration (2), guides (2), enroll (2), clis (2), san (2), best (2), practices (2), feature (2), cli (2), architecture (2), administrator (2), incident (2), servicenow (2), marketplace (2), runs (2), setting (2), eas (2), feed (2), teams (2), policies (2), actions (2), projects (2), credentials (2), lifecycle (2), feeds (2), notifications (2), cleanup (2), monitoring (2), centralize (2), ingestion (2), invalid (2), login (2), attempts (2), telemetry (2), session (2), disclosure (2), panel (2), banner (2), collection (2), topics (2), manager (2), bastion (2), sudo (2), password (2), rds (2), vpc (2), cidr (2), load (2), balancer (2), faqs (2), benchmarks (2), rotation (2), self (2), signed (2), custom (2), view (2), bootstrapping (2), commands (2), generation (2), place (2), efs (2), object (2), storage (2), filesystem (2), airgapped (2), tutorial (2), shortcodes (2), front (2), matter (2), reuse (2), hugo (2), procedures (2), tables (2), headings (2), notices (2), markdown (2), lists (2), linking (2), tools (2), house (2), contribute (2), docs (2), guidelines (2), contributions (2), commercial (2), script (2), accept (2), training (2), blog (2), registered, countries, appropriate, markings, any, contained, inclusion, does, imply, endorsement, affiliation, sponsorship, between, copyright, last, april, cookie, privacy, trademark, site, map, thank, submit, fill, field, document, ask, stuck, yes, helpful, misc, code, cleanups, overwrite, multi, hosts, retried, waiting, gracefully, handled, syncing, conf, uses, correct, made, possible, clean, partially, shows, erroneously, there, keeps, long, become, leaderless, elected, slow, waited, connection, rather, than, simple, promotion, processes, nomethoderror, forced, checkpoint, instance, synchronous, missing, proven, spurious, failovers, deploying, various, providers, 1000, 5000, 100, 500, leaderl_ttl_seconds, interval_seconds, based, sysctl, they, previous, remember, shmall, 503, haven, initiated, tunable, required_active_followers, straightforward, human, intervention, needed, basebackup, max_pgsql_failures, max_etcd_failures, max_elasticsearch_failures, triggering, maximum, each, via, snapshot_count, customization, etc, too, far, behind, max_bytes_behind_leader, prior, flicker, slower, terminals, rendering, indicators, function, waits, minutes, done, wait, take, zlib, further, periodically, attempt, register, itself, failed, part, runtime, typically, automatically, supervision, restarted, exposed, through, queried, fatal_system_checks, true, directories, 250mb, considered, purposes, low, won, over, make, adapt, minimum, count, leaves, unrecoverable, 3526, demotion, stops, result, means, couldn, track, whether, action, taken, ship, details, instructions, breaking, 8780, 8779, 8778, 8777, 6914, 17742, 17405, out, box, older, less, secure, allowed, own, stored, temp_directory, var, opt, blocked, eligible, includes, flag, controls, duration, 600, 10208, 10130, 10925, 10915, 1058, 1053, 7548, 7547, 7546, 7486, 7485, 7484, 15099, 12172, 8325, 8324, 8323, 8322, 8321, 8320, 16255, 16254, 16201, 15845, 16396, 16395, 2015, 9251, 2012, 6708, 7611, 8442, language, 3rd, 4th, recommends, slightly, allow, room, moved, oraclejdk, adoptopenjdk, oracle, newer, jdk, project, delivering, open, source, friendly, validator, problem, prevented, completion, serves, locally, cached, response, possibility, returned, polling, polls, thus, believe, outages, resulted, request, controlling, input, scheduling, priority, respectively, mirror, current, level, detects, subject, retries, makes, fewer, calls, unnecessary, overs, changes, 25696, 25694, 25695, 14350, 14803, 14798, 14797, 14796, 14792, 14782, 14781, 14779, 2161, 2163, 2388, 2369, 2341, 35603, 35586, 35578, 35567, 35564, 35561, 35559, 35556, 35565, 35550, 1968, 1971, 23839, 23840, 23841, 3712, let, encrypt, 10933, 10663, 28965, 25613, 31799, 32066, 31810, 41819, 41817, mitigated, vulnerability, outlined, disabling, message, within, logging, concerns, digest, md5, sha256, prevent, installing, fips, enabled, systems, end, life, backs, speeds, restoring, backed, generate, reindex, eol, warnings, reconfigure, direct, aren, intermediate, then, both, steps, method, workflow, directly, complete, shutdown, perform, matrix, 44832, 45105, 45046, stated, realize, internal, installations, improves, adds, capabilities, receive, 21365, enhanced, processing, 21360, image, 21341, serial, forms, transport, 21340, jar, 21305, array, indexing, 21277, tiff, handling, 21299, scanning, xml, entities, 21296, sax, parser, 21282, resolution, uris, 21294, construction, identity, maps, 21293, constructions, 21291, methods, 21283, matching, 21248, cross, serialization, installed, 770, development, representative, migrating, warning, menu, search, skip,


Text of the page (random words):
ingaptdefaultrecipe includingmixinshelloutinresources includingohaidefaultrecipe includingwindowsdefaultrecipe legacyberksfilesource libarchivefileresource macosxuserdefaults minitesthandlerusage nodeinitpackage noderolesinclude opensslrsakeyresource opensslx509resource osxconfigprofileresource powershellguardinterpreter powershellinstallpackage powershellinstallwindowsfeature powershellscriptexpandarchive propertywithnameattribute providesfrominitialize resourceforcingcompiletime resourcenamefrominitialize respondtocompiletime respondtoinmetadata respondtoprovides respondtoresourcename setorreturninresources sevenziparchiveresource shellouthelper shellouttochocolatey simplifyaptppasetup sysctlparamresource unnecessarydependschef14 unnecessarydependschef15 unnecessarymixlibshelloutrequire usebuildessentialresource usecheflanguagecloudhelpers usecheflanguageenvhelpers usecheflanguagesystemdhelper usemultipackageinstalls userequirerelative useszypperrepo whyrunsupportedtrue windowsregistryuac windowsscresource windowszipfileusage zipfileresource chef redundantcode aptrepositorydistributiondefault aptrepositorynotifiesaptupdate attributemetadata conflictsmetadata customresourcewithallowedactions doublecompiletime groupingmetadata longdescriptionmetadata multipleplatformchecks namepropertyisrequired ohaiattributetostring propertysplatregex propertywithrequiredanddefault providesmetadata recipemetadata replacesmetadata resourcewithnothingaction sensitivepropertyinresource stringpropertywithnildefault suggestsmetadata unnecessarydesiredstate unnecessarynameproperty usecreateifmissing chef ruby gemspeclicense gemspecrequirerubygems legacypowershelloutmethods requirenethttps unlessdefinedrequire chef security sshprivatekey chef sharing defaultmetadatamaintainer emptymetadatafield includepropertydescriptions includeresourcedescriptions includeresourceexamples insecurecookbookurl invalidlicensestring chef style attributekeys chefwhaaat commentformat commentsentencespacing copyrightcommentformat defaultcopyrightcomments filemode immediatenotificationtiming includerecipewithparentheses negatingonlyif overlycomplexsupportsdependsmetadata simplifyplatformmajorversioncheck trueclassfalseclassresourceproperties unnecessaryoscheck unnecessaryplatformcasestatement useplatformhelpers inspec deprecations attributedefault attributehelper effortless pattern effortless overview quick start effortless audit effortless config variables and config what is scaffolding supermarket about supermarket share cookbooks private supermarket about private supermarket install configure backup and restore monitor log files upgrades reference supermarket ctl supermarket api release notes chef 360 platform chef automate chef backend chef download apis chef habitat chef infra client chef infra server chef inspec chef local license service chef manage chef migrate chef supermarket chef workstation chef compliance chef compliance audit profiles chef compliance remediation chef cloud resource packs aws cloud resources azure cloud resources legacy chef manage about the management console uninstall manage rb chef manage ctl active directory ldap configure saml clients cookbooks data bags environments nodes roles organizations groups users uninstall available on github downloads send feedback support chef documentation release notes chef backend release notes table of contents warning chef backend is deprecated and no longer under active development contact your chef account representative for information about migrating to chef automate ha chef backend 3 1 1 bug fixes we fixed an issue where new nodes would fail to join a backend cluster installed with chef backend 3 0 0 770 security openjdk 11 0 14 we updated openjdk from 11 0 13 to 11 0 14 to resolve the following cves cve 2022 21248 enhance cross vm serialization cve 2022 21283 better string matching cve 2022 21291 better verification of scan methods cve 2022 21293 improve string constructions cve 2022 21294 enhance construction of identity maps cve 2022 21282 better resolution of uris cve 2022 21296 improve sax parser configuration management cve 2022 21299 improved scanning of xml entities cve 2022 21277 improve tiff file handling cve 2022 21305 better array indexing cve 2022 21340 verify jar verification cve 2022 21341 improve serial forms for transport cve 2022 21360 enhance bmp image support cve 2022 21365 enhanced bmp processing chef backend 3 0 0 enhancements elasticsearch 6 8 23 we updated elasticsearch from 5 6 16 to 6 8 23 this new version of elasticsearch improves performance and reliability and it adds many new capabilities the 5 6 16 release of elasticsearch is no longer supported by elastic and doesn t receive security updates elasticsearch 6 8 23 resolves multiple cves and updates log4j to 2 17 1 which resolves cve 2021 44832 cve 2021 45105 cve 2021 45046 and cve 2021 44228 while elastic has stated that elasticsearch isn t vulnerable to these cves we realize that many organizations have internal requirements to upgrade legacy log4j installations upgrading you can upgrade to chef backend 3 0 0 directly from version 2 1 0 or later using a rolling upgrade where one chef backend node is upgraded at a time it doesn t require a complete cluster shutdown to perform the upgrade see the upgrade matrix below and our chef backend upgrade documentation for more information upgrade workflow method 1 x 2 x major version upgrade 2 0 x 2 x rolling upgrade 2 1 and later 3 0 rolling upgrade 2 0 3 0 direct upgrades aren t supported at this time you can upgrade to an intermediate version and then to 3 0 0 for example 2 0 1 2 3 16 3 0 0 both of these steps are rolling upgrades that don t require downtime chef backend 2 3 16 fixes we ve updated the chef infra client which is used in the chef backend ctl reconfigure command from 15 x to 16 17 to resolve eol warnings when running enhancements chef backend ctl backup no longer backs up the elasticsearch cluster which speeds up backup times users restoring a backed up cluster can instead run chef server ctl reindex all from a frontend node to generate new data in elasticsearch packaging newly supported platforms we now produce chef backend packages for sles 15 amazon linux 2 and ubuntu 20 04 deprecated platforms we no longer produce chef backend packages for rhel 6 as this platform is now end of life rpm package digests we updated the file digest in chef backend rpm packages from md5 to sha256 to prevent failures from installing on some fips enabled systems security log4j mitigation we mitigated the log4j vulnerability that s outlined in cve 2021 44228 by disabling message formatting within logging chef backend isn t vulnerable to this cve in log4j but this change avoids security concerns with this cve ruby 2 7 5 we updated ruby from 2 6 5 to 2 7 5 for improved performance and to resolve the following cves cve 2021 41817 cve 2021 41819 cve 2021 31810 cve 2021 32066 cve 2021 31799 cve 2020 25613 cve 2021 28965 cve 2020 10663 cve 2020 10933 openssl 1 0 2zb we updated openssl from 1 0 2v to 1 0 2zb to resolve issues with let s encrypt certificates and to resolve the following cves cve 2021 3712 cve 2021 23841 cve 2021 23840 cve 2021 23839 cve 2020 1971 cve 2020 1968 openjdk 11 0 13 8 we updated openjdk from 11 0 7 10 to 11 0 13 8 to resolve the following cves cve 2021 35550 cve 2021 35565 cve 2021 35556 cve 2021 35559 cve 2021 35561 cve 2021 35564 cve 2021 35567 cve 2021 35578 cve 2021 35586 cve 2021 35603 cve 2021 2341 cve 2021 2369 cve 2021 2388 cve 2021 2163 cve 2021 2161 cve 2020 14779 cve 2020 14781 cve 2020 14782 cve 2020 14792 cve 2020 14796 cve 2020 14797 cve 2020 14798 cve 2020 14803 postgresql 9 5 25 we updated postgresql from 9 5 19 to 9 5 25 to resolve the following cves cve 2020 14350 cve 2020 25695 cve 2020 25694 cve 2020 25696 chef backend 2 2 0 improvements improve health checker the health checker is now modified to reduce the number of unnecessary fail overs changes to the health checker include the postgresql health check makes fewer calls to postgresql all postgresql failures are subject to health check retries bug fix we removed the etcd health check because the main leader election detects etcd failures first ionice configuration options we ve added new ionice settings for controlling the disk input output scheduling class and set priority for the etcd process etcd ionice class and etcd ionice level settings with the default values of 2 and 0 respectively the default values mirror the current system defaults on linux leader endpoint caching the leader endpoint now serves a locally cached response this change should reduce the possibility of timeouts returned to clients that are polling the leader endpoint the chef infra server polls the leader endpoint and thus we believe this change will reduce some chef backend outages that resulted from leader request timeouts bug fixes we fixed a postgresql validator problem that prevented join cluster from running to completion component updates chef infra client 15 12 22 we ve updated the embedded chef infra client that s used for chef backend configuration from 14 14 25 to 15 12 22 ruby 2 6 5 we ve updated ruby from 2 5 7 to 2 6 5 for improved performance chef backend 2 1 0 improvements openjdk we ve moved from oraclejdk to adoptopenjdk because oracle has changed its license on newer versions of the jdk the openjdk project is delivering security updates in a version with a more open source friendly licensing policy increased elasticsearch memory allocation elasticsearch is now allocated 1 3rd of the available memory up to 32gb instead of 1 4th elasticsearch recommends using 1 2 of the available system memory up to 32gb we slightly reduced the allocated memory to allow room for other chef backend services component updates erlang 18 3 we ve updated the erlang language that s used to build chef backend from 18 2 to 18 3 to improve reliability etcd 2 3 8 we ve updated etcd from 2 3 7 to 2 3 8 to resolve bugs chef infra client 14 14 25 we ve updated the embedded chef infra client that configures chef backend from 14 11 21 to 14 14 25 security fixes elasticsearch 5 6 16 we ve updated elasticsearch from 5 4 1 to 5 6 16 to resolve a large number of bugs improve performance and resolve the following cves cve 2017 8442 cve 2019 7611 ruby 2 5 7 we ve updated ruby from 2 4 4 to 2 5 7 for performance improvements and bug fixes and to resolve the following cves cve 2012 6708 cve 2015 9251 cve 2018 16395 cve 2018 16396 cve 2019 15845 cve 2019 16201 cve 2019 16254 cve 2019 16255 cve 2019 8320 cve 2019 8321 cve 2019 8322 cve 2019 8323 cve 2019 8324 cve 2019 8325 postgresql 9 5 19 we ve updated postgresql from 9 5 6 to 9 5 19 to resolve a large number of bugs and the following cves cve 2017 12172 cve 2017 15099 cve 2017 7484 cve 2017 7485 cve 2017 7486 cve 2017 7546 cve 2017 7547 cve 2017 7548 cve 2018 1053 cve 2018 1058 cve 2018 10915 cve 2018 10925 cve 2019 10130 cve 2019 10208 packaging new platforms we added support for rhel 8 deprecations we removed support for ubuntu 14 04 we removed support for sles 11 chef backend 2 0 30 enhancements backup timeout control the backup command now includes a new timeout flag that controls the timeout duration in seconds it defaults to 600 seconds cluster status the cluster status command now reports leaders that are blocked and leaders that are eligible elasticsearch temporary files elasticsearch temporary files are now stored in var opt chef backend elasticsearch tmp you can change this value with a new elasticsearch temp_directory configuration option the elasticsearch tmp directory isn t its own tmp directory component upgrades chef infra client 13 9 1 we ve updated the embedded chef infra client that configures chef backend from 13 3 42 to 13 9 1 security ssl ciphers we ve improved out of the box ssl security by removing older and less secure ssl ciphers from the list of allowed ssl ciphers ruby 2 4 4 we ve updated ruby from 2 3 5 to 2 4 4 to improve performance and to resolve the following cves cve 2017 17405 cve 2017 17742 cve 2018 6914 cve 2018 8777 cve 2018 8778 cve 2018 8779 cve 2018 8780 chef backend 2 0 1 we ve bumped the major version because of a breaking change in the upgrade procedure upgrading to this version requires full cluster downtime before upgrading see our guide to upgrading to chef backend 2 enhancements elasticsearch 5 we now ship elasticsearch 5 by default this requires a full cluster downtime during the upgrade see the upgrade instructions for this release for more details improved health checking for demoted leaders during demotion the management service leaderl stops postgresql previously this would result in all health checks for postgresql failing which means that the node couldn t resume leadership now we track whether postgresql is only down because of action taken by leaderl which allows demoted leaders to resume leadership in some cases bug fixes epmd fails on certain ipv6 configurations this build should fix issues that are related to the erlang port mapper daemon empd failing to start in some epmd configurations security fixes java 8u144 we updated the version of java to 8u144 to address cve 2017 3526 ruby 2 3 5 we updated the version of ruby to 2 3 5 to address multiple cves chef backend 1 4 6 bug fix update minimum_master_nodes on elasticsearch node removal this release fixes an issue when removing nodes from the cluster would not adapt the minimum node count that s required for the elasticsearch cluster that s managed by chef backend which leaves the cluster in an unrecoverable state enhancements include disk status in health checks and status output when the available disk space for the log and data directories that are used by chef backend falls below a user configurable value default 250mb by default disk space failures are considered non fatal for the purposes of leaderl health checks that is low disk space won t force a fail over to make disk space failures fatal set the following configuration option leaderl health_check fatal_system_checks true the disk space related health status can be queried using chef backend ctl status disk which is exposed through the status endpoint improve robustness regarding epmd the erlang port mapper daemon empd is part of the erlang runtime system typically this service is started automatically by the first erlang process to start on a machine by promoting epmd to a service under supervision the service will now appear in chef backend ctl status and will be restarted on failure further leaderl will now periodically attempt to re register itself with epmd if epmd has failed security updates we ve bumped zlib to 1 2 11 chef backend 1 3 2 this release is a bug fix release bug fixes we ve fixed multiple bugs in the backup and restore process we recommend that all users take a new backup after upgrading see our documentation for information about how to back up and restore your chef infra server the pgsql prom...
Images from subpage: "docs.chef.io/habitat/builder/saas/builder_origins/" Verify
Images from subpage: "docs.chef.io/habitat/builder/saas/builder_origin_packages/... " Verify
Images from subpage: "docs.chef.io/habitat/builder/saas/builder_api/" Verify
Images from subpage: "docs.chef.io/habitat/supported_packages/package_refresh_stra... " Verify
Images from subpage: "docs.chef.io/habitat/supported_packages/core_base_2025/... " Verify

The site also has references to the 2 subdomain(s)

  chef.io  Verify   community.chef.io  Verify


The site also has 1 references to external domain(s).

 github.com  Verify


Top 50 hastags from of all verified websites.

Supplementary Information (add-on for SEO geeks)*- See more on header.verify-www.com

Header

HTTP/2 301
cache-status Netlify Edge ; fwd=miss
content-type text/html
date Sun, 05 Jul 2026 10:51:01 GMT
location /release_notes/backend/
server Netlify
strict-transport-security max-age=31536000
x-nf-request-id 01KWRYEAJF9KY4YTZWQ9D2YGVA
content-length 98
HTTP/2 200
accept-ranges bytes
age 0
cache-control public,max-age=0,must-revalidate
cache-status Netlify Edge ; fwd=miss
content-encoding gzip
content-type text/html; charset=UTF-8
date Sun, 05 Jul 2026 10:51:01 GMT
etag 9ba7578351cc77e4af939464e8e8e763-ssl-df
permissions-policy vibrate=(), geolocation=(), midi=(), notifications=(), push=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), speaker=(), vibrate=(), fullscreen=(), payment=()
referrer-policy no-referrer-when-downgrade
server Netlify
strict-transport-security max-age=2592000
vary Accept-Encoding
x-content-type-options nosniff
x-frame-options DENY
x-nf-request-id 01KWRYEAXJJT3KPRVGMRPMK12Y
x-xss-protection X-XSS-Protection: 1

Meta Tags

title="Chef Backend release notes"
charset="utf-8"
name="description" content="Chef Backend release notes"
http-equiv="x-ua-compatible" content="ie=edge"
name="viewport" content="width=device-width,initial-scale=1"
name="robots" content
class="swiftype" name="chef-product" data-type="string" content
name="hugo_env" content="production"

Load Info

page size161787
load time (s)0.913429
redirect count1
speed download34386
server IP 3.33.186.135
* all occurrences of the string "http://" have been changed to "htt???/"