## Improvements
- Chef Server supports running in FIPS mode on the Amazon Linux 2 platform.   

## Updated Components
- Chef gem to 18.8.46

## Security
- Updated OpenSearch to Tuxcare OpenSearch 1.3.20.tuxcare.1.0.2 to address the following CVEs:
   - CVE-2025-25193  
   - CVE-2024-47554  
   - CVE-2021-28170  
   - CVE-2025-48924  
   - CVE-2024-38820  
   - CVE-2025-48913  
   - CVE-2024-38819  
   - CVE-2024-38828  
   - CVE-2024-38820  
   - CVE-2025-22233  

- Updated Postgres 13.22.tuxcare.1.0.1 to resolve the following CVEs:
   - CVE-2025-8714  
   - CVE-2025-8715  
   - CVE-2025-8713  

- Updated OpenJDK to 17.0.16+8 to address the following CVEs:
   - CVE-2025-30749  
   - CVE-2025-30754  
   - CVE-2025-50059  
   - CVE-2025-50106  

- Updated rack to 3.2.3 to resolve the following CVEs:
   - CVE-2025-61919  
   - CVE-2025-61780  
   - CVE-2025-61772  
   - CVE-2025-61771  
   - CVE-2025-61770  

- Updated OpenResty to 1.27.1.2 to resolve the following CVEs:
   - CVE-2024-39702  
   - CVE-2025-23419

## Service versions
This release uses:

* OpenResty 1.27.1.2
* OpenJRE 17.0.9+9
* PostgreSQL 13.22.tuxcare.1.0.1
* OpenSearch 1.3.20-tuxcare-1.0.2
* Rack 3.2.3