On May 22, the PostgreSQL project announced several security vulnerabilities in PostgreSQL. The potential impact of these vulnerabilities includes denial of service and information leakage.
Puppet Enterprise versions prior to 3.8.1 contained a vulnerable version of PostgreSQL. Puppet Enterprise 3.8.1 contains an updated version of PostgreSQL.
For more information about the PostgreSQL vulnerabilities, refer to the PostgreSQL security announcement.
Affected Software Versions: