Curl 2016 Security Fixes
Posted October 20, 2016
Assessed Risk Level: Medium
Curl has announced several vulnerabilities.
Previous versions of Puppet Enterprise shipped with a vulnerable version of Curl. Puppet Enterprise 2016.4.0 and Puppet Agent 1.7.1 ship with an updated version of Curl.
For more information about these vulnerabilities, please refer to the Curl security announcements (https://curl.haxx.se/docs/security.html)
Affected Software Versions:
- Puppet Agent prior to 1.7.1
- Puppet Enterprise prior to 2016.4.0
- Puppet Agent 1.7.1
- Puppet Enterprise 2016.4.0