Pending Release Notes - chef/chef-server GitHub Wiki

Chef Infra Server 15.10.111

Released on June 12th, 2026

Security improvements

• Updated JWT to 3.2.0 in oc-id and chef-server-ctl to address JWT-related security risk. (#4193)
• Updated Addressable to 2.9.0 in both oc-id and chef-server-ctl for CVE remediation. (#4178, #4192)
• Updated Rails from 7.1.5.2 to 7.2.3.1 to resolve a security-related dependency update failure path. (#4189)

Bug fixes

• Added support for habitat log_rotation_type and associated lock updates. (#4188))
• Removed internal library detail leakage from the /version endpoint response. (#4159)
• Included rotate log synchronization fix. (#4201)

Improvements

• Updated bundled Chef Infra Client from 18.8.46 to 18.10.17. (#4182)
• Updated knife from 18.8.68 to 19.0.105 and knife-ec-backup from 3.0.5 to 3.0.8. (#4183)

Service versions

This release uses:

• OpenResty 1.29.2.5
• OpenJRE 17.0.9+9
• PostgreSQL 13.23.tuxcare.1.0.1
• OpenSearch 1.3.20-tuxcare-1.0.3
• Rack 3.2.4