Puppet Core 8.15.0

Released September 2025. This version of Puppet Core includes improved error messages, improvements to help prevent security vulnerabilities, and removes support for macOS 11 and 12 agents.

Features

Launch of Puppet Edge

Puppet Edge is designed to help you manage more devices on your network and provides you with access to:

  • Playbook Runner premium module: Use Playbook Runner via Bolt to run tasks that run Ansible playbooks and ad-hoc commands.

  • EdgeOps premium module: EdgeOps provides tools for managing Puppet Edge network devices with Bolt tasks.

    • Manage configuration of NETCONF enabled network devices

    • Gather operational information from network devices

  • Upgrade to the latest version of Bolt to automate tasks that you perform on an as-needed basis or as part of a greater orchestration workflow.

Puppet Edge for Puppet Enterprise (PE) and Puppet Enterprise Advanced (PEA) includes additional features, such as workflows, AI Code Assist, and management of the Playbook Runner and EdgeOps premium modules via PE.

Learn more about Edge.

Contact our sales team to purchase a license that includes Edge.

Enhancements

Improved error messages when binary data is found in the catalog

Puppet now reports when binary data is found in the catalog, indicating the manifest file and line number that caused the problem in an error message. If the issue is due to the file function, use the binary_file function instead. PUP-12092

Security

Removed libxslt, replaced nokogiri with libxml-ruby

Removed libxslt to address CVE-2025-7424 and CVE-2025-7425. On macOS, nokogiri was replaced with libxml-ruby to remove the libxslt dependency. If you require the nokogiri gem on macOS, install it separately. PA-7634, PA-7650

Patched the resolv gem

The resolv gem shipped with Puppet agent was patched to address CVE-2025-24294. Although the vulnerability was patched, the Ruby and resolv gem version numbers did not change. PA-7722

Evaluated CVEs

The Puppet team has determined that libxml2 v2.14.5 in Puppet Core 8.15.0 is not affected by CVE-2025-7425.

Resolved issues

SLES 15 glibc not found error fixed

Puppet Core 8.14.0 included a version of Ruby compiled against a glibc version available only on SLES 15 systems using service pack 6 and later. This caused glibc not found errors on systems running SLES 15 with earlier service packs. This was fixed by compiling Ruby against an older version of glibc. PA-7730

Deprecations and removals

Support was removed for macOS 11 and 12 agents

Support was removed for the following EOL OS versions. The following are no longer available as Puppet Core agents:

  • macOS 11 Big Sur (x86_64)

  • macOS 12 Monterey (x86_64 and ARM)

PA-6712