SCM 3.5.0 and 2.25.0 are available

7 views
Skip to first unread message

Puppet Product Updates

unread,
Jul 11, 2025, 11:44:29 AMJul 11
to Internal - Puppet Product Updates, Puppet Announce

SCM 3.5.0 and 2.25.0 are available
 
What’s new

Flexible Java management 

The Comply module now includes the option to use a locally installed Java runtime, instead of the Java bundled with the CIS-CAT Pro Assessor. 

  • You can toggle between using a compatible local Java installation or the bundled Java. 
  • When your locally installed Java version is specified, the bundled Java is automatically removed to streamline your environment. 
  • If you choose to revert to the bundled Java, it is automatically reinstalled. 

 

This enhancement is ideal for customers with specific Java version requirements or those looking to align with internal security and compliance policies. 
 

Secrets management for Podman installs 
Starting in version 3.5.0, Podman-based installations use a secrets management mechanism to handle passwords and other sensitive information. 
 

CIS-CAT Pro Assessor updates 
SCM 3.5.0 and 2.25.0 include Assessor v4.55.0, featuring important security fixes and the following updates to operating system benchmarks.

Updated benchmarks: 

  • CIS Ubuntu Linux 24.04 LTS STIG Benchmark v1.0.0 (new) 
  • CIS Microsoft Windows Server 2022 Benchmark v4.0.0 (updated from v3.0.0) 
  • CIS Microsoft Windows 10 Enterprise Benchmark v4.0.0 (updated from v3.0.0) 
  • CIS Microsoft Windows 10 Stand-alone Benchmark v4.0.0 (updated from v3.0.0) 
  • CIS Microsoft Windows 11 Stand-alone Benchmark v4.0.0 (updated from v3.0.0) 
  • CIS Microsoft Windows Server 2019 Benchmark v4.0.0 (updated from v3.0.1) 
  • CIS Apple macOS 13.0 Ventura Benchmark v3.1.0 (updated from v3.0.0) 
  • CIS Microsoft Windows Server 2022 Stand-alone Benchmark v1.0.0 (new) 
  • CIS Red Hat Enterprise Linux 9 STIG Benchmark v1.0.0 (new) 
  • CIS Apple macOS 14.0 Sonoma Benchmark v2.1.0 (updated from v2.0.0) 
  • CIS Apple macOS 15.0 Sequoia Benchmark v1.1.0 (new) 
  • CIS SUSE Linux Enterprise 12 Benchmark v3.2.1 (updated from v3.2.0) 

 

Removed benchmarks:

  • CIS Apple macOS 11.0 Big Sur Benchmark v4.0.0 
  • CIS Oracle Linux 7 Benchmark v4.0.0 
  • CIS Red Hat Enterprise Linux 7 Benchmark v4.0.0 
  • CIS Red Hat Enterprise Linux 7 STIG Benchmark v2.0.0 
  • CIS CentOS Linux 7 Benchmark v4.0.0 
  • CIS Debian Linux 10 Benchmark v2.0.0 
  • CIS Ubuntu Linux 18.04 LTS Benchmark v2.2.0 
     

 
For full details of what’s included in the release, see the SCM docs: 

 


This e-mail may contain information that is privileged or confidential. If you are not the intended recipient, please delete the e-mail and any attachments and notify us immediately.


Reply all
Reply to author
Forward
0 new messages