Overview

Oracle Java July 2016 Security Fixes

  • Posted August 9, 2016

  • Assessed Risk Level: Medium

On July 19, 2016 OpenSSL announced several vulnerabilities.

Previous versions of Puppet Enterprise shipped with a vulnerable version of Java. Puppet Enterprise 2016.2.1 and Puppet Enterprise 3.8.6 ship with updated versions of java to address these vulnerabilities.

For more information refer to the Oracle Java security announcement (http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixJAVA).

Status:

Affected Software Versions:

  • Puppet Enterprise 3.x prior to 3.8.6
  • Puppet Enterprise 2015.x
  • Puppet Enterprise 2016.x prior to 2016.2.1

Resolved in:

  • Puppet Enterprise 3.8.6
  • Puppet Enterprise 2016.2.1