Oracle Java April 2017 Security Fixes

Overview

Oracle Java April 2017 Security Fixes

  • Posted May 11, 2017

  • Assessed Risk Level: Medium

On April 18th, Oracle announced several security vulnerabilities in Java. Previous releases of Puppet Enterprise contained a vulnerable version of Java. Puppet Enterprise 2016.4.5 and 2017.2.1 contain an updated version of Java that has patched the vulnerabilities.

For more information about the Java vulnerabilities, refer to the Oracle security announcement.

Status:

Affected Software Versions:

  • Puppet Enterprise prior to 2016.4.5
  • Puppet Enterprise 2016.5.x
  • Puppet Enterprise 2017.1.x

Resolved in:

  • Puppet Enterprise 2016.4.5
  • Puppet Enterprise 2017.2.1