PE 2023.8.6

Released September 2025

Puppet Enterprise^® (PE and PE Advanced) lifecycle update—Puppet is transitioning its Puppet Enterprise® software support offerings from the “Long Term Support” and “Short Term Support” model to the "Latest" and "Latest - 1" model.

Starting August 6, 2026, Puppet Enterprise^® will adopt a new software support model using the following nomenclature of “Latest” and “Latest - 1” that will accelerate product innovation and simplify the product lifecycle management.

What’s changing?

Under the new model:

“Latest” series: Receives full software support and maintenance (new features, fixes, security updates) for 12 months from the date of the latest major version release.
“Latest - 1” series: Receives limited software support and maintenance (security updates, defect fixes, and minor changes only) for an additional 12 months after being superseded by the “Latest” version of the Puppet Enterprise^® software.

The new model will replace the previous Long-Term Support (“LTS”) model, which offered up to twenty-four (24) months of limited software support and maintenance with limited feature delivery.

Impact on current release streams:

PE 2023.8.z series (LTS): This is the final series supported under the LTS support model. Maintenance releases will continue until August 2026, when the series reaches end of life (“EOL”). This timing coincides with the launch of the new software and support lifecycle model. Customers should begin planning upgrades to remain supported.
PE 2025.y series (Current “latest”): This series will continue receiving the latest updates until August 2026, when the next major PE version is released. At that point, 2025.y will transition to “Latest -1” and receive security updates, defect fixes, and minor changes only until its EOL in August 2027.

This change is designed to:

Deliver continuous access to new features
Improve security through more frequent updates and patches
Provide a predictable, simplified support timeline

Further documentation and upgrade guidance will be provided ahead of the August 2026 transition.

Puppet^® Continuous Delivery and Puppet Comply^® (also known as Puppet Security Compliance Management (“SCM”)) lifecycle updates:

For important information about the product lifecycle changes for Puppet^® Continuous Delivery and Puppet Comply^® /SCM, see:

Puppet Enterprise (PE) 2023 is our current PE LTS release stream. The previous LTS, PE 2021.7, is in overlap support until 28th February, 2025.

To access the End-of-Life (EOL) date and other maintenance information for PE 2023.8, see PE 2023.8 End-of-Life (EOL).
For important information about upgrading to 2023, see Upgrading Puppet Enterprise.
If you're on the LTS stream (2021.7), you'll find release notes and other information for that series in the 2021.7 documentation.
Customers on 2019.8.z are encouraged to upgrade to either 2021.7 or 2023.

To access the release notes for the Puppet^® platform, including Puppet agent, Puppet Server, Facter, and PuppetDB, see Platform release notes.

Deprecations and removals

Agent platforms removed

This release removes support for the following operating system platforms:

macOS 11 x86_64
macOS12 x86_64
macOS 12 ARM

Client tool platforms removed

This release removes support for the following client tool platforms:

macOS11 x86_64
macOS12 x86_64
macOS12 ARM
macOS 12 M1
macOS 12 M2

Resolved issues

Puppet backup create/restore no longer fails when puppet_enterprise::puppetdb_port is changed

In PE 2023.7.7-2023.8.5 and 2025.0-2025.5, when the puppet_enterprise::puppetdb_port was changed to something other than 8081, backup create/restore failed. This issue has been fixed in PE 2023.8.6 and 2025.6.

Puppet::Network::Format error message is no longer missing actionable details

In PE 2025.0-2025.5 and 2023.8.1-2023.8.5, the error message logged by failed Puppet runs after upgrading provided no information on the source of the binary data. This has been fixed in PE 2025.6 and 2023.8.6.

Security fixes

Addressed the following CVEs:

CVE-2021-27918
CVE-2021-33194
CVE-2021-33195
CVE-2021-33196
CVE-2021-33198
CVE-2021-38561
CVE-2021-39293
CVE-2021-41771
CVE-2021-41772
CVE-2021-44716
CVE-2022-23772
CVE-2022-23806
CVE-2022-24675
CVE-2022-24921
CVE-2022-27664
CVE-2022-28131
CVE-2022-28327
CVE-2022-2879
CVE-2022-2880
CVE-2022-29804
CVE-2022-30580
CVE-2022-30630
CVE-2022-30631
CVE-2022-30632
CVE-2022-30633
CVE-2022-30634
CVE-2022-30635
CVE-2022-32149
CVE-2022-32189
CVE-2022-41716
CVE-2022-41720
CVE-2022-41722
CVE-2022-41723
CVE-2022-41724
CVE-2022-41725
CVE-2023-24534
CVE-2023-24536
CVE-2023-24537
CVE-2023-24538
CVE-2023-24539
CVE-2023-24540
CVE-2023-29400
CVE-2023-29403
CVE-2023-39325
CVE-2023-45283
CVE-2023-45287
CVE-2023-45288
CVE-2024-24790
CVE-2024-34156

CVE-2025-4949
CVE-2025-5115
CVE-2025-8715
CVE-2025-8714
CVE-2025-8713