Oracle Java July 2016 Security Fixes
Posted August 9, 2016
Assessed Risk Level: Medium
On July 19, 2016 OpenSSL announced several vulnerabilities.
Previous versions of Puppet Enterprise shipped with a vulnerable version of Java. Puppet Enterprise 2016.2.1 and Puppet Enterprise 3.8.6 ship with updated versions of java to address these vulnerabilities.
For more information refer to the Oracle Java security announcement (http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html#AppendixJAVA).
Affected Software Versions:
- Puppet Enterprise 3.x prior to 3.8.6
- Puppet Enterprise 2015.x
- Puppet Enterprise 2016.x prior to 2016.2.1
- Puppet Enterprise 3.8.6
- Puppet Enterprise 2016.2.1