Today marks a new milestone for CFEngine, with the release of the new CFEngine 3.15.0 LTS. This is the newest Long Term Supported CFEngine series, introducing a lot of great stuff. The biggest new feature in CFEngine 3.15 is Federated Reporting, which we will cover later in this blog post, but there are many other new improvements as well. If you are interested to learn more, schedule training, or hear about pricing options, feel free to reach out to us!

We are now happy to release two new LTS versions of CFEngine, 3.10.7 LTS, and 3.12.3 LTS. This will be the last release of the CFEngine 3.10 LTS series. Standard Support of CFEngine 3.10 LTS ends end of this year. If you would like extended support, please contact us. From the CFEngine release schedule, we see that CFEngine 3.10 LTS is maintained and supported until December 28th, 2019.

Due to a number of vulnerabilities found in the version of Apache we bundle with CFEngine Hub, we have upgraded the CFEngine Hub packages to use an updated version of Apache. We upgrade from Apache 2.4.39 to Apache 2.4.41. We are now releasing a new version, CFEngine Hub 3.12.2-5. Only new Hub packages are being released, as no other packages are affected by these vulnerabilities.

When working on the new Federated Reporting feature for CFEngine we had to solve the problem of collecting data from multiple CFEngine hubs (feeders) on a single hub (superhub). CFEngine hubs are using PostgreSQL to store data, so, more specifically, the problem was how to collect data from multiple PostgreSQL databases in one PostgreSQL database.

This is a very exciting time for the CFEngine product team, the community, and the user base. As we are getting closer to the release of CFEngine 3.15 LTS, we can look back at some great improvements in the last few years.

Today we are happy to announce the general availability of CFEngine 3.15.0 beta. CFEngine 3.15 is our upcoming LTS (Long Term Support) release. The main focus of this release has been the new Federated Reporting feature. It also contains a lot of performance work and stability improvements.

On [2019-07-29 Mon] we released new builds of our Enterprise Hub packages for 3.12.2 and 3.14.0. This release addresses CVE-2019-10164. PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are vulnerable to a stack-based buffer overflow. Any authenticated user can overflow a stack-based buffer by changing the user’s own password to a purpose-crafted value. This often suffices to execute arbitrary code as the PostgreSQL operating system account.