The latest patch release for the current Long Term Support (LTS) version of Puppet Enterprise, 2019.8.9, is now available!
This is a backward-compatible release that contains enhancements and bug fixes, including: - TLS v1.3 is enabled by default. PE is now compatible with TLSv1.2 and TLSv1.3 by default for both FIPS and non-FIPS installations. To update your protocol or ciphers, review the Configuring security settings <https://puppet.com/docs/pe/2021.3/configuring_security_settings.html> docs. For a list of compatible ciphers, see the Ciphers reference <https://puppet.com/docs/pe/2021.3/pe_architecture_overview.html#ciphers_reference> . - This version of PE includes version 3 of the PE support script, which offers more options for modifying the support script’s behavior to meet your needs. - Agent support for: - Ubuntu 18.04 aarch64 - Debian 11 (Bullseye) amd64 - Red Hat Enterprise Linux 8 FIPS x86_64 - AlmaLinux x86_64 for Enterprise Linux 8 - Rocky Linux x86_64 for Enterprise Linux 8 - Primary PE server support added for: - AlmaLinux 8 - Rocky Linux 8 - And so much more! Check out the full list of changes below. For the full list of changes, check out the release notes: https://puppet.com/docs/pe/2019.8/release_notes_pe_index.html Resolved in this release: - CVE-2021-27023 <https://puppet.com/security/cve/cve-2021-27023>: A flaw was discovered in Puppet agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007 <https://nvd.nist.gov/vuln/detail/CVE-2018-1000007>. - CVE-2021-27025 <https://puppet.com/security/cve/cve-2021-27025>: A flaw was discovered in Puppet agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first ‘pluginsync’. - CVE-2021-27026 <https://puppet.com/security/cve/cve-2021-27026>: A flaw was discovered in Puppet Enterprise and other Puppet products where sensitive plan parameters may be logged. Important note: If you are using Continuous Delivery for PE, upgrade to CD4PE 4.8.2 prior to upgrading to Puppet Enterprise 2019.8.9. We resolved a PuppetDB issue causing the generation of new fact charts on the Nodes page to fail. Download PE 2019.8.9 here: https://puppet.com/misc/pe-files/previous-releases/ As a current Puppet Enterprise user, you can update to this new version as part of your annual subscription. When updating, you must update infrastructure components first and then update agents. For detailed instructions, see the documentation <https://puppet.com/docs/pe/2019.8/upgrading_pe.html>. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAFH7jMX_Gs%3D7cjC3CyAKFM7hjW2twgQfR8hL8js3BJerzP_N5g%40mail.gmail.com.
