Puppet Enterprise 2021.4.0 is now available!

Skip to first unread message

Puppet Product Updates

Nov 9, 2021, 5:52:03 PM11/9/21
to puppet-prod...@puppet.com

The latest release for the Puppet Enterprise release track, PE 2021.4.0, is now available!


Enhancements in this release include:


  • TLS v1.3 is enabled by default. PE is now compatible with TLSv1.2 and TLSv1.3 by default for both FIPS and non-FIPS installations. To update your protocol or ciphers, review the Configuring security settings docs. For a list of compatible ciphers, see the Ciphers reference.

  • New RBAC /command endpoints. Several new /command endpoints in the RBAC API v1 allow you to use the API to make small changes to existing data. To see the list of newly added RBAC /command endpoints, check out the release notes

  • This version of PE includes version 3 of the PE support script, which offers more options for modifying the support script’s behavior to meet your needs. 

  • Agent support for:

    • Ubuntu 18.04 aarch64

    • Debian 11 (Bullseye) amd64

    • Red Hat Enterprise Linux 8 FIPS x86_64

    • AlmaLinux x86_64 for Enterprise Linux 8

    • Rocky Linux x86_64 for Enterprise Linux 8

  • Primary PE server support added for:

    • AlmaLinux 8

    • Rocky Linux 8

  • And so much more! Check out the full list of changes below.

For the full list of changes, check out the release notes: https://puppet.com/docs/pe/latest/release_notes_pe_index.html


Resolved in this release:


  • CVE-2021-27023: A flaw was discovered in Puppet agent and Puppet Server that may result in a leak of HTTP credentials when following HTTP redirects to a different host. This is similar to CVE-2018-1000007.

  • CVE-2021-27025: A flaw was discovered in Puppet agent where the agent may silently ignore Augeas settings or may be vulnerable to a Denial of Service condition prior to the first ‘pluginsync’. 

  • CVE-2021-27026: A flaw was discovered in Puppet Enterprise and other Puppet products where sensitive plan parameters may be logged. 


Important note: If you are using Continuous Delivery for PE, upgrade to CD4PE 4.8.2 or a newer version prior to upgrading to Puppet Enterprise 2021.4. We resolved a PuppetDB issue causing the generation of new fact charts on the Nodes page to fail.


Download PE 2021.4 here: https://puppet.com/try-puppet/puppet-enterprise/download/


As a current Puppet Enterprise user, you can update to this new version as part of your annual subscription. When updating, you must update infrastructure components first and then update agents. For detailed instructions, see the documentation.
Reply all
Reply to author
0 new messages