## Packaging

### Habitat Package Updates 

- Chef Infra Server Habitat packages are now built against Erlang 24.

## Bug Fixes

- Fixed an issue with Automate by setting `s3_url_type` configuration to `path`. Customers should now be able to upload cookbooks that were broken in Chef Infra Server 15.3.2.
- Fixed an issue with `chef-server-ctl reindex` by reading `nginx[ssl_port]` from the configuration.  This resolves an issue when the `nginx[ssl_port]` is not set to the default port(443).

## Updated Components

- rebar3 (3.6.2 -> 3.20.0)
- liblzma (5.2.6 -> 5.2.7)
- python (3.10.5 -> 3.11.0)
- bash (5.1.16 -> 5.2.9)
- popt (1.18 -> 1.19)

## Security

### Python

- CVE-2022-45061: An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decoder.
- CVE-2022-42919: Allows local privilege escalation in a non-default configuration.
- CVE-2022-37454: An integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code.