Puppet agent 1.10.14, 5.3.8, and 5.5.3 resolve a critical Windows installer
issue <https://tickets.puppetlabs.com/browse/PA-2075> introduced in agent
1.10.13, 5.3.7, and 5.5.2 that could cause incorrect permissions to be
applied across entire filesystems of Windows nodes under certain unusual
re-installation scenarios, including those applied by Chocolatey and

This release also includes the same fixes for security vulnerabilities that
were included in 1.10.13, 5.3.7, and 5.5.2, which were pulled due to the
Windows installer bug:

   - CVE-2018-6513 <https://puppet.com/security/cve/CVE-2018-6513>
   - CVE-2018-6514 <https://puppet.com/security/cve/CVE-2018-6514>
   - CVE-2018-6515 <https://puppet.com/security/cve/CVE-2018-6515>
   - CVE-2018-6516 <https://puppet.com/security/cve/CVE-2018-6516>

For details, see the release notes for today's releases as well as the
previous Platform releases:

   - Puppet agent 5.5.2 and 5.5.3
   - Puppet agent 5.3.7 and 5.3.8
   - Puppet agent 1.10.13 and 1.10.14

*Garrett Guillotte*
Technical Writer

You received this message because you are subscribed to the Google Groups 
"Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to puppet-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
For more options, visit https://groups.google.com/d/optout.

Reply via email to