CVE-2017-15059 in Puppet Enterprise 2016.4.0 to 2016.4.9, 2017.2.x, 2017.3.0 to 2017.3.2

Related articles

• Verify SSL protocols and cipher suites in use on Puppet Enterprise nodes
• Remove unnecessary packages installed on infrastructure nodes and compile masters during Puppet runs in Puppet Enterprise 2016.4.x, 2017.3.x, 2018.1.x, and 2019.2.x
• Set SSL cipher suites in Puppet Enterprise 2018.1 and later
• Use the API to sign certificate signing requests from non-certificate authority nodes for Puppet Enterprise 2016.2 to 2017.1, 2017.3 to 2019.2
• Recommended reading - Performing complex searches on Package Inspector data for Puppet Enterprise