Overview

PostgreSQL 2017-05-11 update

  • Posted June 22, 2017

  • Assessed Risk Level: Medium

The PostgreSQL team published a Security Update Release addressing CVE-2017-7484, CVE-2017-7485, and CVE-2017-7486. We believe that Puppet Enterprise is only vulnerable to CVE-2017-7484, rated as a 4.3 on the CVSSv3 scale. These versions of PE ship with the updated version.

For more information about the vulnerabilities, refer to the PostgreSQL security announcement.

Status:

Affected Software Versions:

  • Puppet Enterprise prior to 2016.4.6
  • Puppet Enterprise 2017.1.x
  • Puppet Enterprise 2017.2.1

Resolved in:

  • Puppet Enterprise 2016.4.6
  • Puppet Enterprise 2017.2.2