OpenSSL September 2016 Security Fixes

  • Posted October 20, 2016

  • Assessed Risk Level: High

On September 22, 2016, OpenSSL announced several vulnerabilities

Previous versions of Puppet Enterprise shipped with a vulnerable version of OpenSSL. Puppet Enterprise 2016.4.0 ships with an updated version of OpenSSL

For more information about these vulnerabilities, please refer to the OpenSSL security announcement (


Affected Software Versions:

  • Puppet Enterprise prior to 2016.4.0
  • Puppet Agent prior to 1.7.1

Resolved in:

  • Puppet Enterprise 2016.4.0
  • Puppet Enterprise 3.8.7
  • Puppet Agent 1.7.1
Puppet sites use proprietary and third-party cookies. By using our sites, you agree to our cookie policy.