Overview

Curl 2016 Security Fixes

  • Posted October 20, 2016

  • Assessed Risk Level: Medium

Curl has announced several vulnerabilities.

Previous versions of Puppet Enterprise shipped with a vulnerable version of Curl. Puppet Enterprise 2016.4.0 and Puppet Agent 1.7.1 ship with an updated version of Curl.

For more information about these vulnerabilities, please refer to the Curl security announcements (https://curl.haxx.se/docs/security.html)

Status:

Affected Software Versions:

  • Puppet Agent prior to 1.7.1
  • Puppet Enterprise prior to 2016.4.0

Resolved in:

  • Puppet Agent 1.7.1
  • Puppet Enterprise 2016.4.0