Curl June 2015 Security Fixes

  • Posted July 28, 2015

  • Assessed Risk Level: Low

On June 17th, The open source curl project announced two security vulnerabilities in the libcurl http client library. The Puppet Agent package prior to 1.2.2 contained a vulnerable version of curl. Puppet agent 1.2.2 contains an updated version of curl. For more information about the libcurl vulnerabilities, refer to CVE-2015-3236 and CVE-2015-3237.


Affected Software Versions:

  • Puppet Agent 1.x

Resolved in:

  • Puppet Agent 1.2.2
Puppet sites use proprietary and third-party cookies. By using our sites, you agree to our cookie policy.