diff --git a/CHANGELOG.md b/CHANGELOG.md
index 488a478b3fc..6e75530f2a4 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,16 +1,19 @@
 # Chef Server Changelog
 <!-- usage documentation: http://expeditor-docs.es.chef.io/configuration/changelog/ -->
-<!-- latest_release 15.8.1 -->
-## [15.8.1](https://github.com/chef/chef-server/tree/15.8.1) (2023-10-17)
+<!-- latest_release 15.9.1 -->
+## [15.9.1](https://github.com/chef/chef-server/tree/15.9.1) (2023-11-24)
 
 #### Merged Pull Requests
-- Fixes redis-lb logrotate file creation ownership [#3697](https://github.com/chef/chef-server/pull/3697) ([fretb](https://github.com/fretb))
+- Update rack version from 2.2.6.2 -&gt; 2.2.6.4 because of possible DOS Vulnerability in Multipart MIME parsing chef-server-ctl [#3733](https://github.com/chef/chef-server/pull/3733) ([talktovikas](https://github.com/talktovikas))
 <!-- latest_release -->
 
 <!-- release_rollup since=15.8.0 -->
 ### Changes since 15.8.0 release
 
 #### Merged Pull Requests
+- Update rack version from 2.2.6.2 -&gt; 2.2.6.4 because of possible DOS Vulnerability in Multipart MIME parsing chef-server-ctl [#3733](https://github.com/chef/chef-server/pull/3733) ([talktovikas](https://github.com/talktovikas)) <!-- 15.9.1 -->
+- added knife to omnibus dependency list. [#3739](https://github.com/chef/chef-server/pull/3739) ([sreepuramsudheer](https://github.com/sreepuramsudheer)) <!-- 15.9.0 -->
+- Fix verify pipeline: The repository... does not have a Release file. [#3740](https://github.com/chef/chef-server/pull/3740) ([lbakerchef](https://github.com/lbakerchef)) <!-- 15.8.2 -->
 - Fixes redis-lb logrotate file creation ownership [#3697](https://github.com/chef/chef-server/pull/3697) ([fretb](https://github.com/fretb)) <!-- 15.8.1 -->
 <!-- release_rollup -->
 
diff --git a/VERSION b/VERSION
index db9ef5df1ee..c74a170d6d1 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-15.8.1
\ No newline at end of file
+15.9.1
\ No newline at end of file
diff --git a/omnibus/config/software/knife.rb b/omnibus/config/software/knife.rb
new file mode 100644
index 00000000000..9d9ab2b3a3d
--- /dev/null
+++ b/omnibus/config/software/knife.rb
@@ -0,0 +1,42 @@
+#
+# Copyright:: Chef Software, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+name "knife"
+default_version "17.10.0"
+
+license "Apache-2.0"
+license_file "https://raw.githubusercontent.com/chef/chef/main/knife/LICENSE"
+
+dependency "ruby"
+
+skip_transitive_dependency_licensing "true"
+
+relative_path "knife-#{version}"
+
+build do
+    env = with_standard_compiler_flags(with_embedded_path)
+
+    v_opts = "--version '#{version}'" unless version.nil?
+    gem [
+      "install knife",
+      v_opts,
+      "--no-document",
+    ].compact.join(" "), env: env
+  
+    # confirm the install was successful
+    command "knife --version", env: env
+    copy "#{install_dir}/embedded/bin/knife", "#{install_dir}/bin"
+end
diff --git a/omnibus/config/software/server-complete.rb b/omnibus/config/software/server-complete.rb
index 87fde934bee..86a24bf9bb2 100644
--- a/omnibus/config/software/server-complete.rb
+++ b/omnibus/config/software/server-complete.rb
@@ -37,6 +37,7 @@
 
 # moved earlier because it is external to this repo and pinned, so should change infrequently
 dependency "chef" # for embedded chef-client -z runs (built from main - build last)
+dependency "knife"
 
 dependency "private-chef-ctl" # additional project-specific private-chef-ctl subcommands
 
diff --git a/scripts/bk_tests/bk_install.sh b/scripts/bk_tests/bk_install.sh
index b83b0928bee..6061e59dddc 100755
--- a/scripts/bk_tests/bk_install.sh
+++ b/scripts/bk_tests/bk_install.sh
@@ -2,6 +2,16 @@
 
 set -e
 
+# Error:
+# `The repository 'http://apt.postgresql.org/pub/repos/apt bionic-pgdg Release' does not have a Release file.`
+# The cause:
+# https://www.postgresql.org/message-id/ZN4OigxPJA236qlg%40msg.df7cb.de
+# The fix:
+# 1. Add `deb https://apt-archive.postgresql.org/pub/repos/apt bionic-pgdg main` to sources.list
+# 2. Remove /etc/apt/sources.list.d/pgdg.list
+sudo echo "deb https://apt-archive.postgresql.org/pub/repos/apt bionic-pgdg main">>/etc/apt/sources.list
+rm /etc/apt/sources.list.d/pgdg.list
+
 echo "Removing postgresql-9.3"
 apt-get --purge remove -y postgresql-9.3
 
diff --git a/src/chef-server-ctl/Gemfile.lock b/src/chef-server-ctl/Gemfile.lock
index dd21bdf633a..a507bd9538f 100644
--- a/src/chef-server-ctl/Gemfile.lock
+++ b/src/chef-server-ctl/Gemfile.lock
@@ -295,7 +295,7 @@ GEM
       coderay (~> 1.1)
       method_source (~> 1.0)
     public_suffix (5.0.0)
-    rack (2.2.6.2)
+    rack (2.2.6.4)
     rainbow (3.1.1)
     rake (13.0.6)
     redis (4.7.1)