Posted August 7, 2014
Assessed Risk Level: Medium
On July 15th, Oracle announced several security vulnerabilities in Java. Puppet Enterprise 3.3.0 contained a vulnerable version of Java. Puppet Enterprise 3.3.1 contains an updated version of Java that has patched the vulnerabilities.
For more information about the Java vulnerabilities, refer to the Oracle security announcement.
- Resolved in Puppet Enterprise 3.3.1