Puppet Product Updates
- Security Compliance Management 3.2.0 and 2.22.0 are available
We’re excited to announce the release of Security Compliance Management (SCM) versions 3.2.0 and 2.22.0. In addition to bug and security fixes, both releases include important enhancements that add value for Puppet Enterprise customers.
New in 3.2.0 and 2.22.0
Dynamically target nodes for scheduled scans
This timesaving feature removes the manual effort of editing scheduled scans whenever new nodes are onboarded. Now, when scheduling scans in the SCM console, customers can target nodes dynamically by specifying the node groups to scan, so that scans run automatically on all nodes that belong to the specified node groups at the scheduled times.
Configure the inventory refresh and data retention settings
This enhancement gives more flexibility and control to our customers. Previously, inventory refresh intervals and data retention settings were configurable only during the installation process. Now, to improve user experience, the Settings page in SCM allows customers to adjust these two settings at any time.
Updated CIS benchmarks
To cover the latest security compliance recommendations and benchmarks published by the Center for Internet Security (CIS), SCM 3.2.0 and 2.22.0 ship v4.43.0 of the CIS-CAT Pro Assessor. This includes the following benchmark updates:
- Apple macOS 12.0 Monterey Benchmark v3.1.0
- Apple macOS 13.0 Ventura Benchmark v2.1.0
- Microsoft Windows Server 2019 Stand-alone v2.0.0
- Oracle Linux 9 Benchmark v2.0.0
- Red Hat Enterprise Linux 9 Benchmark v2.0.0
Resolved in 3.2.0 and 2.22.0
· Fixed a bug that could prevent node selection when creating an ad hoc desired compliance scan.
· Upgraded KeyCloak to v25 to address CVE-2023-2976
For more information, see the Security Compliance Management docs:
This e-mail may contain information that is privileged or confidential. If you are not the intended recipient, please delete the e-mail and any attachments and notify us immediately.