Overview

PostgreSQL August 2016 Security Fixes

  • Posted October 20, 2016

  • Assessed Risk Level: Medium

On August 11, 2016, PostgreSQL announced several vulnerabilities

Previous versions of Puppet Enterprise shipped with a vulnerable version of PostgreSQL. Puppet Enterprise 2016.4.0 ships with an updated version of PostgreSQL. Default configurations of Puppet Enterprise are not vulnerable to these issues.

For more information about these vulnerabilities, please refer to the PostgreSQL security announcement (https://www.postgresql.org/docs/current/static/release-9-4-9.html)

Status:

Affected Software Versions:

  • Puppet Enterprise prior to 2016.4.0

Resolved in:

  • Puppet Enterprise 2016.4.0
  • Puppet Enterprise 3.8.7