Update copy in Chef Infra Server remediation steps (#240)

Make this a bit more clear Signed-off-by: Tim Smith <[email protected]>
mondoohq · Jul 3, 2023 · 319a83c · 319a83c
1 parent 5b69d9a
commit 319a83c
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/community/chef-infra-server.mql.yaml b/community/chef-infra-server.mql.yaml
@@ -224,15 +224,15 @@ queries:
       file("/var/opt/opscode/nginx/etc/chef_https_lb.conf").content.contains("ssl_protocols TLSv1.2;")
     docs:
       desc: Chef Infra Server should be configured to only support modern TLS versions (currently 1.2 only as 1.3 is not supported)
-      remediation: Upgrade to the latest releases of Infra Server where this becomes the default.
+      remediation: Upgrade to Chef Infra Server 14.3.14 or later where this setting becomes the default.
   - uid: disable-insecure-addon-compat
     title: Disable insecure_addon_compat feature
     impact: 90
     mql: |
       file("/etc/opscode/chef-server.rb").content.contains("insecure_addon_compat false")
     docs:
       desc: Chef Infra Server provides backwards compatibility for legacy Infra Server add-ons that require less secure secrets storage. All currently supported add-ons currently support secure secrets management.
-      remediation: Upgrade to Chef Manage 2.5+ and set `insecure_addon_compat false` in the `chef-server.rb` config.
+      remediation: Upgrade to Chef Manage 2.5 or later and set `insecure_addon_compat false` in the `chef-server.rb` config.
   - uid: remediate-cve-2023-28864
     title: Remediate against CVE-2023-28864
     impact: 100