Posted September 21, 2017
Assessed Risk Level: Medium
On August 10th, PostgreSQL published a security update addressing CVE-2017-7546, CVE-2017-7547, and CVE-2017-7548. Puppet Enterprise 2016.4.8 and 2017.2.4 contain an updated version of PostgreSQL that has patched the vulnerabilities.
For more information about the vulnerabilities, refer to the PostgreSQL security announcement.
Affected software versions:
- Puppet Enterprise prior to 2017.4.8
- Puppet Enterprise prior to 2017.2.4
- Puppet Enterprise 2016.4.8
- Puppet Enterprise 2017.2.4