Puppet Security

» Security & vulnerability announcements
» Vulnerability submission process

This page contains information about security fixes from both Puppet and third-party software vendors used in Puppet products. For information about our security policies and instructions on how to report findings, refer to the vulnerability submission process.

Internal security announcements

Third-party security announcements

  • Ruby April 2018 Security Fixes
    Resolved in:
    Puppet Agent 1.10.12
    Puppet Agent 5.3.6
    Puppet Agent 5.5.1
    PDK 1.5.0
    Puppet Enterprise 2016.4.11
    Puppet Enterprise 2017.3.6
    Puppet Enterprise 2018.1.0
  • Curl March 2018 Security Fixes
    Resolved in:
    Puppet Agent 1.10.12
    Puppet Agent 5.3.6
    Puppet Enterprise 2016.4.11
    Puppet Enterprise 2017.3.6
    Puppet Enterprise 2018.1.0