## Chef Server is now Chef Infra Server Chef Server has a new name, but don't worry, it's the same Chef Server you've grown used to. You'll notice new branding throughout the application and documentation but the command chef-server-ctl remains the same. ## Chef EULA Chef Infra Server requires an EULA to be accepted by users before it can be installed. Users can accept the EULA in a variety of ways: - `chef-server-ctl reconfigure --chef-license accept` - `chef-server-ctl reconfigure --chef-license accept-no-persist` - `CHEF_LICENSE="accept" chef-server-ctl reconfigure` - `CHEF_LICENSE="accept-no-persist" chef-server-ctl reconfigure` Finally, if users run `chef-server-ctl reconfigure` without any of these options, they will receive an interactive prompt asking for license acceptance. If the license is accepted, a marker file will be written to the filesystem unless `accept-no-persist` is specified. Once this marker file is persisted, users no longer need to set any of these flags. See our [Frequently Asked Questions document](https://www.chef.io/subscription-model-faq) for more information on the EULA and license acceptance. ## Deprecation notice - [Deprecated PowerPC and s390x platforms](https://blog.chef.io/2018/11/01/end-of-life-announcement-for-chef-server-for-linux-on-ibm-z-and-linux-on-ibm-power-systems/) - [Deprecated Keepalived/DRBD-based HA](https://blog.chef.io/2018/10/02/end-of-life-announcement-for-drbd-based-ha-support-in-chef-server/) - Deprecated Ubuntu 14.04 support. (Ubuntu 14.04 was EoL'd at the end of April 2019) ## Updates and Improvements - Added some Habitat packaging improvements with parameterized search_server. - Erchef request size increased from 1,000,000 to 2,000,000 bytes to better support InSpec scanning via the audit cookbook. - Nginx error logs no longer log 404s. In the Chef API, 404s are typically not errors as they are often the expected response about an object that doesn't exist. The logs will continue to show 404s in the request logs. - Profiles and data-collector upstreams now render correctly if their root_url is configured. If the data_collector token secret is not set, a 401 response code and an error message will be seen instead of 404. ## Security ### Ruby Ruby has been updated from 2.5.3 to 2.5.4 to resolve the following CVEs: - [CVE-2019-8320](https://nvd.nist.gov/vuln/detail/CVE-2019-8320) - [CVE-2019-8321](https://nvd.nist.gov/vuln/detail/CVE-2019-8321) - [CVE-2019-8322](https://nvd.nist.gov/vuln/detail/CVE-2019-8322) - [CVE-2019-8323](https://nvd.nist.gov/vuln/detail/CVE-2019-8323) - [CVE-2019-8324](https://nvd.nist.gov/vuln/detail/CVE-2019-8324) - [CVE-2019-8325](https://nvd.nist.gov/vuln/detail/CVE-2019-8325) ### OpenResty OpenResty was updated from 1.11.2.1 to 1.13.6.2 to resolve the following CVEs: - [CVE-2018-9230](https://nvd.nist.gov/vuln/detail/CVE-2018-9230) - [CVE-2017-7529](https://nvd.nist.gov/vuln/detail/CVE-2017-7529)