OpenSSL February 2019 Security Fixes
Posted: April 30, 2019
Assessed Risk Level: Medium
Between March 27, 2018 and February 26, 2019 OpenSSL announced several vulner abilities.
Previous versions of Puppet Enterprise shipped with a vulnerable version of OpenSSL. Puppet Enterprise 2018.1.8 contains an updated version of OpenSSL which has addressed these vulnerabilities.
For more information about this vulnerability, refer to the OpenSSL vulnerability release notes.
Affected software versions:
- pe-client-tools prior to 18.1.8
- Puppet Agent prior to 6.4.2
- Puppet Enterprise prior to 2018.1.8
- pe-client-tools 18.1.8
- Puppet Agent 6.4.2
- Puppet Enterprise 2018.1.8