CVE-2021-44215 and CVE-2021-44216 - Insecure permissions on log files in CFEngine Enterprise Hub package

[Nick Anderson]

Hello fellow CFEngineers,

Please be aware, we have published CVE-2021-44215 and CVE-2021-44216. These vulnerabilities relate to permissions of log files in the CFEngine Enterprise hub package. If you are already running the latest supported versions of CFEngine (3.18.1, 3.15.5) you are not affected.

For more details see our announcement.