Overview

Java April 2018 Security Fixes

  • Posted May 1, 2018

  • Assessed Risk Level: High

On April 18, 2018 Java announced several vulnerabilities.

Previous versions of Puppet Enterprise shipped with a vulnerable versions of Java.

For more information about this vulnerability, refer to Java’s security announcement page (http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixJAVA).

Status:

Affected software versions:

  • Puppet Enterprise versions prior to 2016.4.11
  • Puppet Enterprise versions prior to 2017.3.6

Resolved in:

  • Puppet Enterprise 2016.4.11
  • Puppet Enterprise 2017.3.6
  • Puppet Enterprise 2018.1.0