PE 2023.8.10
Released June 2026
Puppet Enterprise 2023.8.10 delivers platform support updates, issue resolution, and security fixes. This release adds support for macOS 26 agents and removes older Ubuntu platforms, resolves console login issues related to LDAP group attributes, and improves activity service API filtering behavior. It also includes a broad set of security patches and vulnerability fixes.
Puppet Enterprise® (PE and PE Advanced) lifecycle update
Puppet is transitioning its Puppet Enterprise® software support offerings from the “Long Term Support” and “Short Term Support” model to the "Latest" and "Latest - 1" model starting in August 2026. To learn more, see Puppet Enterprise Platform Support Lifecycle.
To access the End-of-Life (EOL) date and other maintenance information for PE 2023.8, see PE 2023.8 End-of-Life (EOL).
For important information about upgrading to 2023, see Upgrading Puppet Enterprise.
Customers on 2021.7.z, which is EOL, are encouraged to upgrade to 2023.8.z.
Customers on 2019.8.z are encouraged to upgrade to either 2021.7 or 2023.
Platform support
Agent platforms added
This release adds support for the Puppet agent on the following operating system platforms:
-
macOS 26 ARM
-
macOS 26 x86_64
Deprecations and removals
Agent platforms removed
This release removes support for the following operating system platforms:
-
Ubuntu 18.04 amd64
-
Ubuntu 18.04 aarch64
-
Ubuntu 20.04 amd64
-
Ubuntu 20.04 aarch64
Resolved issues
PE console log-in issue with LDAP group attributes containing literal question marks fixed
In Puppet Enterprise versions earlier than 2023.8.10 and 2025.11, literal question marks in LDAP group attributes could prevent users from logging in to the console. This issue is resolved in PE 2025.11 and 2023.8.10.
Activity service API v2 date range filtering returns events for all services
In PE versions prior to this release, the activity service API v2 date range filter returned results only for classifier events. Events from RBAC, PE console, and Code Manager were not included when filtering by date, even if they fell within the specified range. This issue is resolved in PE 2025.11 and 2023.8.10.
Security fixes
The following CVEs were fixed in PE:
-
CVE-2026-6732
-
CVE-2026-42246
-
CVE-2026-3784
-
CVE-2026-3805
-
CVE-2026-3783
-
CVE-2026-1965
-
CVE-2026-31790
-
CVE-2026-28387
-
CVE-2026-28388
-
CVE-2026-28389
-
CVE-2026-28390
-
CVE-2026-31789
-
CVE-2026-2332
-
CVE-2026-5795
-
CVE-2026-39324
-
CVE-2026-34785
-
CVE-2026-34827
-
CVE-2026-6429
-
CVE-2026-7168
-
CVE-2026-6276
-
CVE-2026-6253
-
CVE-2026-7009
-
CVE-2026-5598
-
CVE-2026-42198
-
CVE-2026-42246
-
CVE-2026-42258
-
CVE-2026-42245
-
CVE-2026-42257
-
CVE-2026-42256
-
CVE-2026-42945
-
CVE-2026-41907
-
CVE-2026-33937
-
CVE-2026-33940
-
CVE-2026-33938
-
CVE-2026-33939
-
CVE-2026-33941
-
CVE-2026-33916
-
CVE-2026-27820
-
CVE-2026-34282
-
CVE-2026-45363
-
CVE-2026-45447
-
CVE-2026-34182
-
CVE-2026-45445
-
CVE-2026-7383
-
CVE-2026-9076
-
CVE-2026-34180
-
CVE-2026-42766
-
CVE-2026-45446
-
CVE-2026-42767
-
CVE-2026-47240
-
CVE-2026-47241
-
CVE-2026-47242
-
CVE-2026-49342
-
CVE-2026-54904
-
CVE-2026-6637
-
CVE-2026-6473
-
CVE-2026-6477
Additional security fixes:
-
WS-2026-0003: Fixed a jackson-core vulnerability that could cause a denial-of-service (DoS) condition.






