Nokogiri September 2017 Security Fixes

  • Posted November 7, 2017

  • Assessed Risk Level: Medium

On September 19, 2017 Nokogiri announced several vulnerabilities.

Previous versions of PDK shipped with a vulnerable version of libxml2 and libxslt in nokogiri.

For more information about this vulnerability, refer to the Nokogiri changelog. (https://github.com/sparklemotion/nokogiri/blob/v1.8.1/CHANGELOG.md)

Status:

Affected software versions:

  • PDK versions prior to 1.2.1

Resolved in:

  • PDK 1.2.1
Puppet sites use proprietary and third-party cookies. By using our sites, you agree to our cookie policy.