Puppet Core 8.11.0

Released February 2025.

This release introduces a new proprietary product, Perforce Puppet Core. In addition, the Fedora 41 and macOS 15 operating systems are now supported for developer users.

Introducing Puppet Core

This release marks the introduction of Puppet Core, an enterprise-ready platform built on the foundations of open source Puppet. Puppet Core is developed, maintained, and supported by the Puppet business unit of Perforce Software, Inc.

Open source Puppet remains available but is no longer maintained by Perforce. For the latest open source Puppet documentation, see Open source Puppet 8.10.0. If you are using open source Puppet in a production environment, consider transitioning to Puppet Core so that you can take advantage of the latest features, fixes, and security updates.

When you purchase Puppet Core, you can implement the platform in a production environment on all licensed nodes. You can install Puppet agent on all supported operating systems (except for any new versions introduced in the latest Puppet Enterprise release). You are entitled to the following additional benefits:

  • Training provided by the Professional Services team

  • The ability to open Support tickets to address security vulnerabilities and defects

  • Support services guaranteed by a service-level agreement (SLA)

  • Entitlement to the Security Compliance Enforcement modules

Purchasing Puppet Core

See Purchasing Puppet Core.

Installing the product

For instructions, see Installing Puppet.

Upgrading the product

To transition from open source Puppet to Puppet Core, see Upgrading from open source Puppet to Puppet Core.

Enhancements

New operating systems

Developer users can now install Puppet agent on the following operating systems:

  • Fedora 41
  • macOS 15 (ARM)
For instructions about becoming a developer user, see Accessing Puppet Core for limited use for testing or development.

As part of the Fedora 41 update, the DNF5 package manager is now supported. DNF5 automates the process of installing, upgrading, and configuring computer programs.

The regsubst() function is expanded to include Sensitive type targets.

The function, which performs regexp replacement on a string or array of strings, can now be run on strings and arrays with the Sensitive type.

PUP-11326

Security

Updated REXML

The REXML gem was updated to 3.3.9 in Ruby 2.7 and Ruby 3.2 for CVE-2024-49761.

PA-7106

Evaluated CVEs

The Puppet team has evaluated CVE-2025-0167, CVE-2025-0665, and CVE-2025-0725 and determined that the vulnerable path is not present in the Puppet Core platform. Therefore, Puppet Core is not impacted by these vulnerabilities.

Resolved issues

Updated warning messages to improve usability.

Previously, warning messages about fact soft limits did not always include the fact name. The issue is resolved to ensure that the fact name and related information are included in the warning message.

PUP-12083

The semantic_puppet version is bumped.

This release bumps the semantic_puppet version to 1.1.1 to fix a typo in a method name.