Posted August 23, 2018
Assessed Risk Level: Medium
On August 9th, PostgreSQL published a security update addressing CVE-2018-10915 and CVE-2018-10925. Puppet Enterprise 2016.4.15, 2017.3.10, and 2018.1.4 contain an updated version of PostgreSQL that has patched the vulnerabilities.
For more information about the vulnerabilities, refer to the PostgreSQL security announcement.
Affected software versions:
- Puppet Enterprise prior to 2018.1.4
- Puppet Enterprise prior to 2017.3.10
- Puppet Enterprise prior to 2016.4.15
- Puppet Enterprise 2018.1.4
- Puppet Enterprise 2017.3.10
- Puppet Enterprise 2016.4.15