Puppet Core 8.15.0
Released September 2025. This version of Puppet Core includes improved error messages, improvements to help prevent security vulnerabilities, and removes support for macOS 11 and 12 agents.
On this page:
Features
Launch of Puppet Edge
Puppet Edge is designed to help you manage more devices on your network and provides you with access to:
-
Playbook Runner premium module: Use Playbook Runner via Bolt to run tasks that run Ansible playbooks and ad-hoc commands.
-
EdgeOps premium module: EdgeOps provides tools for managing Puppet Edge network devices with Bolt tasks.
-
Manage configuration of NETCONF enabled network devices
-
Gather operational information from network devices
-
-
Upgrade to the latest version of Bolt to automate tasks that you perform on an as-needed basis or as part of a greater orchestration workflow.
Puppet Edge for Puppet Enterprise (PE) and Puppet Enterprise Advanced (PEA) includes additional features, such as workflows, AI Code Assist, and management of the Playbook Runner and EdgeOps premium modules via PE.
Contact our sales team to purchase a license that includes Edge.
Enhancements
Improved error messages when binary data is found in the catalog
Puppet now reports when binary data is found in the catalog, indicating the manifest file and line number that caused the problem in an error message. If the issue is due to the file
function, use the binary_file
function instead. PUP-12092
Security
Removed libxslt, replaced nokogiri with libxml-ruby
Removed libxslt to address CVE-2025-7424 and CVE-2025-7425. On macOS, nokogiri was replaced with libxml-ruby to remove the libxslt dependency. If you require the nokogiri gem on macOS, install it separately. PA-7634, PA-7650
Patched the resolv gem
The resolv gem shipped with Puppet agent was patched to address CVE-2025-24294. Although the vulnerability was patched, the Ruby and resolv gem version numbers did not change. PA-7722
Evaluated CVEs
The Puppet team has determined that libxml2 v2.14.5 in Puppet Core 8.15.0 is not affected by CVE-2025-7425.
Resolved issues
SLES 15 glibc not found error fixed
Puppet Core 8.14.0 included a version of Ruby compiled against a glibc version available only on SLES 15 systems using service pack 6 and later. This caused glibc not found
errors on systems running SLES 15 with earlier service packs. This was fixed by compiling Ruby against an older version of glibc. PA-7730
Deprecations and removals
Support was removed for macOS 11 and 12 agents
Support was removed for the following EOL OS versions. The following are no longer available as Puppet Core agents:
-
macOS 11 Big Sur (x86_64)
-
macOS 12 Monterey (x86_64 and ARM)
PA-6712