## New Features

- Chef Infra Server now uses AWS Signature Version 4 (SigV4) when connecting to S3. SigV4 is the process to add authentication information to AWS API requests sent by HTTP.
- Chef Infra Server can now use virtual-hosted-style URLs when connecting to S3. Note: Chef Infra Server will continue to work only with path-style URLs when connecting to Bookshelf.
- Added new optional setting `s3_url_type` for specifying the URL style to be used when connecting to S3.
- Added support for Ubuntu 22.04.

## Improvements

- Updated gather logs to include Chef Infra Server upgrade version history in the `chef-version-history.txt` file.

## Bug Fixes

- Fixed a bug in the `knife user create` subcommand which allowed the creation of users with the same email address but with varying capitalization. For example, `this.user@example.com` and `This.User@example.com` could be assigned to separate users. Chef Infra Server now validates email addresses with varying capitalization as the same address.
- Fixed an issue where knife-tidy was removing needed cookbook versions when cleaning stale nodes from the most recent backup when running `/usr/bin/knife tidy server clean --backup-path /tmp/reports --yes`.

## Security

### OpenSearch

- CVE-2022-22971: Spring Framework DoS with STOMP over WebSocket.

### OpenJDK

- CVE-2022-21540: Class compilation issue.
- CVE-2022-21619: Improper handling of long NTLM client hostnames.
- CVE-2022-21626: Excessive memory allocation in X.509 certificate parsing.
- CVE-2022-21624: Insufficient randomization of JNDI DNS port numbers.
- CVE-2022-21628: HttpServer no connection count limit.
- CVE-2022-39399: Missing SNI caching in HTTP/2.
- CVE-2022-21618: Improper MultiByte conversion can lead to buffer overflow.