Curl has announced several vulnerabilities.
Previous versions of Puppet Enterprise shipped with a vulnerable version of Curl. Puppet Enterprise 2016.4.0 and Puppet Agent 1.7.1 ship with an updated version of Curl.
For more information about these vulnerabilities, please refer to the Curl security announcements (https://curl.haxx.se/docs/security.html)
Affected Software Versions: