Enterprise Chef 11.1.2 and Private Chef 1.4.8: Security Release
// Chef Blog
The following item is new for Enterprise Chef 11.1.2 and 1.4.8 and is a change from previous versions.
opscode-webui
Don't log or email the Rails session or environment from the exception handler. Doing so can cause user-submitted form values like passwords to be logged and emailed to administrators of the Enterprise Chef server when exceptions occur on the Management Console.
----
Shared via my feedly reader
No comments:
Post a Comment