Puppet Core 8.14.0

Released July 2025. AI-search is now available on the main page of the documentation site. This version of Puppet Core includes improvements to help prevent security vulnerabilities and a bug fix to prevent recursive scanning.

Enhancements

AI-powered search

On the main page of the Puppet Core documentation site, you can now enter a question to get an AI-generated answer. Optionally, you can filter your search by product. Answers combine content from the current version of the product documentation and the Perforce knowledge base. This new search experience helps you locate information more efficiently.

Security

Updated net-imap

Net-imap was updated to 0.3.9 to address CVE-2025-43857. PA-7468

Updated curl

Curl was updated to 8.14.1 to address CVE-2025-5025, CVE-2025-4947, and CVE-2025-5399. PA-7548

Updated libxml2

Libxml2 was updated to 2.14.5 to address CVE-2025-6021, CVE-2025-49794, CVE-2025-49795, CVE-2025-49796, and CVE-2025-6170. PA-7574, PA-7595

Resolved issues

Ruby no longer recursively scans lib. Previously, when loading the puppet gem and the current working directory was /, Ruby scanned the lib directory. This was due to a bug in the gemspec generated during the build process. This has been fixed for both the puppet and facter gems. PA-7583