The release contains security and bug fixes and minor improvements, including:
- Puppet 6.13.0 *changes the default behavior* for `strict_hostname_checking` from `false` to `true` (CVE-2020-7942 <https://puppet.com/security/cve/CVE-2020-7942/>). It is recommended that open source Puppet and Puppet Enterprise users that are not upgrading still set `strict_hostname_checking` to `true` to ensure secure behavior. Thank you to Puppet user @Abaddon for reporting this issue. - Puppet reads parameter resource for forcelocal set - 'pe_serverversion' optionally added to 'server_facts' - Puppet docs updated to include OSX Catalina 10.15 (amd64) For the full list of changes, check out the release notes: https://puppet.com/docs/puppet/latest/release_notes_puppet.html -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CACSKYg0RVEqojn6ULR9gZqFpUrPhrP9JtuUFuGgJMev6wir8Bg%40mail.gmail.com.
