Puppet Security

» Security & vulnerability announcements
» Vulnerability submission process

This page contains information about security fixes from both Puppet and third-party software vendors used in Puppet products. For information about our security policies and instructions on how to report findings, refer to the vulnerability submission process.

Internal security announcements

Third-party security announcements

  • curl May 2019 Security Fixes
    Resolved in:
    Puppet Agent 5.5.16
    Puppet Agent 6.0.10
    Puppet Agent 6.4.3
    Puppet Enterprise 2019.1.1
    Puppet Enterprise 2019.0.4
    Puppet Enterprise 2018.1.9
  • Rubygems March 2019 Security Fixes
    Resolved in:
    Puppet Agent 5.5.14
    Puppet Agent 6.0.9
    Puppet Agent 6.4.2
    PDK 1.10.0.0
    Puppet Enterprise 2019.0.3
    Puppet Enterprise 2018.1.8
  • Ruby April 2018 Security Fixes
    Resolved in:
    Puppet Agent 1.10.12
    Puppet Agent 5.3.6
    Puppet Agent 5.5.1
    PDK 1.5.0
    Puppet Enterprise 2016.4.11
    Puppet Enterprise 2017.3.6
    Puppet Enterprise 2018.1.0
  • Curl March 2018 Security Fixes
    Resolved in:
    Puppet Agent 1.10.12
    Puppet Agent 5.3.6
    Puppet Enterprise 2016.4.11
    Puppet Enterprise 2017.3.6
    Puppet Enterprise 2018.1.0