## Upgrade Journey Chef lets you choose your **upgrade journey** based on your current version of Chef Automate. You can do all the version upgrades manually. | Your Current Version | Upgrade To | | -------------------- | ---------- | | Any version before 20220329091442| 20220329091442| | 20220329091442| 3.0.x| | 3.0.49| 4.x| See the [Chef Automate 4.x upgrade documentation](https://docs.chef.io/automate/major_upgrade_4.x/) for more information. ## Improvements - Support for deprecated ciphers on configuration. Refer to the following page for further details [Configuration Overview](https://docs.chef.io/automate/configuration/). - Updated the wal_sender_timeout and wal_receiver_timeout in HA postgres from 60 to 60000 seconds. ## Compliance Profile Updates We updated the Chef compliance profiles to version 1.0.0/20251027061057. This includes the new and improved profiles for: - CIS SUSE Linux 15 v2.0.0 Audits - CIS Red Hat Enterprise Linux 10 v1.0.0 - CIS Windows Server 2022 v4.0.0 ## Bug Fixes The issue where the Projects selection drop-down would disappear in specific scenarios has been resolved. ## Security ### Security Updates - Updated go-viper to fix the following CVEs: - CWE-117 - Updated nginx to 1.28.0 to resolve the following CVEs: - CVE-2024-24989 - CVE-2024-24990 - CVE-2024-7347 - CVE-2024-32760 - CVE-2024-35161 - CVE-2025-23419 - Updated tar-fs from version to 3.1.1 to address the following CVE: - CVE-2025-59343 - Updated from cross-spawn 7.0.3 to 7.0.6, which fixes: - CVE-2024-21538 - Updated OpenSearch to the Tuxcare OpenSearch 1.3.20.tuxcare.1.0.2 to address the following CVEs: - CVE-2025-25193 - CVE-2024-47554 - CVE-2021-28170 - CVE-2025-48924 - CVE-2024-38820 - CVE-2025-48913 - CVE-2024-38819 - CVE-2024-38828 - CVE-2024-38820 - CVE-2025-22233 - Updated Postgres 13.22 to resolve the following CVEs: - CVE-2025-8714 - CVE-2025-8715 - CVE-2025-8713 - Updated OpenJDK to 17.0.16+8 to address the following CVEs: - CVE-2025-30749 - CVE-2025-30754 - CVE-2025-50059 - CVE-2025-50106 - Updated Angular 19.2.15 to address the following CVE: - CVE-2025-59052 ## Chef Packaged Product Versions This release uses: - Chef Habitat version: 1.6.1243/20241227194506 - Chef Habitat Builder version: 10717/20250805204117 - Chef Infra Server version: 15.10.83 - Chef InSpec version: 5.22.95/20250805133317 ## Service Versions This release uses: - Postgres: 13.22.tuxcare.1.0.1 - OpenSearch: 1.3.20.tuxcare.1.0.2 - Nginx: 1.28.0 - Haproxy: 2.8.15 ## Supported External Chef Products This release supports the following external Chef products: - Chef Infra Server version: 14.0.58+ - Chef InSpec version: 4.3.2+ - Chef Infra Client: 17.0.242+ - Chef Habitat: 0.81+ ## Supported framework versions This release is built on the following framework versions: - GoLang: 1.24.4 - OpenJDK: 17.0.16+8 - Angular: 19.2.15 View the [package manifest](https://packages.chef.io/manifests/current/automate/latest_semver.json) for the latest release.