## Upgrade journey Chef lets you choose your upgrade journey based on your current version of Chef Automate. You can do all the version upgrades manually. | Your Current Version | Upgrade To | | -------------------- | ---------- | | Any version before 20220329091442| 20220329091442| | 20220329091442| 3.0.x| | 3.0.49| 4.x| See the [Chef Automate 4.x upgrade documentation](https://docs.chef.io/automate/major_upgrade_4.x/) for more information. ## New features - Deploy Chef Automate HA on Azure provisioned infrastructure ([#8592](https://github.com/chef/automate/pull/8592)). ## Improvements - Improved welcome UI screen for Automate ([#8539](https://github.com/chef/automate/pull/8539)). - Improved Automate HA solution ensures services do not flap when re-booted nodes - ability to modify `fail_timeout`, `health_check_interval` parameters ([#8548](https://github.com/chef/automate/pull/8548)) ## Compliance profile updates - Compliance profiles are updated to version 1.0.0/20240823105414, which includes the new and improved profiles for: - RHEL 7 v4.0.0 - RHEL8 v3.0.0 - STIG RHEL 9 - Windows 2016 v3.0.0 - Windows 2019 v3.0.1 - STIG Microsoft IIS Server - STIG Postgres SQL ## Bug fixes - Fixed bug to ensure that complete report of controls is available for any date of compliance report in UI ([#8533](https://github.com/chef/automate/pull/8533)). - Fixed bug to improve handling of user provided data in string literal ([#8543](https://github.com/chef/automate/pull/8543)). ## Maintenance - Updated embedded Chef Infra Server to 15.10.12 - Updated embedded Chef Inspec to 4.56.61 ## Security ### Security updates - Updated MinIO to fix following CVEs ([#4625](https://github.com/habitat-sh/core-plans/pull/4625)): - CVE-2021-43858 - CVE-2022-24842 - CVE-2022-31028 - CVE-2022-35919 - CVE-2023-25812 - CVE-2023-28433 - CVE-2023-28433 - CVE-2023-28434 - CVE-2023-28432 - CVE-2023-27589 - CVE-2024-36107 - CVE-2024-24747 - CVE-2021-41137 - CVE-2020-11012 - CVE-2021-21287 - CVE-2021-21362 - CVE-2021-21390 - CVE-2018-1000538 - Removed end of life workflow components from Chef Automate ([#8472](https://github.com/chef/automate/pull/8472)) to solve following CVEs: - CVE-2023-26111 - CVE-2022-24999 - CVE-2022-46175 - CVE-2022-38900 - CVE-2022-31129 - CVE-2021-43138 - CVE-2022-0355 - CVE-2022-24785 - CVE-2021-32804 - CVE-2021-32803 - CVE-2022-0144 - CVE-2022-21680 - CVE-2022-21681 - CVE-2022-0155 - CVE-2021-37713 - CVE-2021-37712 - CVE-2021-37701 - Updated Angular in Chef Automate to 17.3.5 with all development dependencies including TypeScript and nodeJS to solve following CVE: - CVE-2022-24999 - CVE-2022-46175 - CVE-2021-3807 ([#8365](https://github.com/chef/automate/pull/8365), [#8451](https://github.com/chef/automate/pull/8451), [#8336](https://github.com/chef/automate/pull/8336), [#8337](https://github.com/chef/automate/pull/8337)) - Updated curl package to 8.7.1 ([#4676](https://github.com/habitat-sh/core-plans/pull/4676), [#8537](https://github.com/chef/automate/pull/8537)) to fix following CVEs: - CVE-2023-38545 - CVE-2023-38546 - CVE-2024-2398 - CVE-2023-46218 - Updated OpenSSL to 1.0.2zi ([#8536](https://github.com/chef/automate/pull/8536)) to solve following CVEs: - CVE-2021-3712 - CVE-2022-0778 - CVE-2022-1292 - CVE-2022-2068 - CVE-2022-4304 - CVE-2023-0215 - CVE-2023-0286 - CVE-2023-0464 - CVE-2023-0465 - CVE-2023-0466 - CVE-2023-3446 - CVE-2023-3817 - Updated NodeJS to 14.23.3 ([#3831](https://github.com/chef/chef-server/pull/3831)) to solve following CVEs: - CVE-2023-23918 - CVE-2023-23919 - CVE-2023-23920 - CVE-2023-23936 - CVE-2023-24807 ## Chef packaged product versions This release uses: - Chef Habitat version:1.6.521/20220603154827 - Chef Habitat Builder version: 9497/20221221224518 - Chef Infra Server version: 15.10.12/20240910074923 - Chef InSpec version: 4.56.61/20240809111842 ## Service versions This release uses: - Postgres: 13.14 - OpenSearch: 1.3.14 - Nginx: 1.25.4 - Haproxy: 2.2.29 - Dex: 2.27.0 ## Supported external Chef products This release supports the following external chef products: - Chef Infra Server version: 14.0.58+ - Chef Inspec version: 4.3.2+ - Chef Infra Client: 17.0.242+ - Chef Habitat: 0.81+ ## Supported framework versions This release is built on the following framework versions: - GoLang: 1.19.3 - OpenJDK: 11.0.22+7 - Angular: 11.2.6 View the [package manifest](https://packages.chef.io/manifests/current/automate/latest_semver.json) for the latest release.