Default configurations of Puppet Enterprise, Puppet Agent, and Puppet on Windows are not vulnerable. The version of Ruby shipping with Puppet Enterprise 3.8.4, Puppet Enterprise 2015.3.2, Puppet Agent 1.3.4, and Puppet 3.8.5 (Windows only) have been updated to address this vulnerability.
For more information about the vulnerability, please refer to the Ruby security announcement .
Affected Software Versions:
Resolved in: