Details
-
Bug
-
Status: Closed
-
Critical
-
Resolution: Done
-
None
-
Needs Assessment
Description
The master branch of puppetserver is pulling in bouncycastle through https://github.com/puppetlabs/jvm-ssl-utils. The version of bouncycastle should be updated to at least version 1.59 to address CVE-2017-13098 (https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-13098)