PE release notes

These are the enhancements and resolved issues in this version of Puppet Enterprise (PE).

For security and vulnerability announcements, see Security: Puppet's Vulnerability Submission Process.

PE 2025.1.0

Released February 2025

Important: PE 2025 is our new leading-edge PE release stream (also referred to as STS). For important information about upgrading to 2025, see Upgrading Puppet Enterprise.

If you're on the LTS stream (2023.8), you'll find release notes and other information for that series in the 2023.8 documentation.

Customers on 2019.8.z, which is EOL, are encouraged to upgrade to either 2021.7 or 2023.

Note: To access the release notes for the Puppet® platform, including Puppet agent, Puppet Server, Facter, and PuppetDB, see Platform release notes.

New features

Standard patching: Delete maintenance and blackout windows in the PE console and the API
In PE 2025.1.0, users can now delete maintenance and blackout windows in the PE console and via the API which includes a new set of API endpoints.
Standard patching: View and copy the License ID in the PE console
In PE 2025.1.0 and PE 2023.8.2, users can view and copy the License ID in the PE console if it is present in their license.
Advanced Patching: Identify valid characters for patch group names with a tool tip
In PE 2025.1.0, a tool tip is added to the PE console to help users to identify what characters are valid for patch group names.
Additional option to rerun tasks on a set of nodes for which a previous execution was successful
In PE 2025.1.0, after running a task on a set of nodes, an additional option to run the task again on Succeeded nodes is available.
Advanced Patching: Patch group IDs added to maintenance and blackout windows payload
In 2025.1.0, in the PE console, users can view patch group IDs for maintenance and blackout window lists if permissions exist.

Enhancements

PE console classifier performance improvement
In PE 2025.1.0 and PE 2023.8.2, the PE console classifier has been updated in order to improve performance when resolving nodes for a node group in the PE console.

Resolved issues

Standard patching: pe_patch fact no longer persists after nodes are removed from patch groups
Previously, nodes which were removed from patch groups reported the pe_patch fact after their removal. This issue has been fixed in PE 2025.1.0.
Advanced Patching: PE no longer reports the Advanced Patching enablement workflow as completed before it is fully enabled
In PE 2025.0, before the Advanced Patching enablement workflow completed, the system reported it as being ready for use despite it not being fully enabled. In PE 2025.1, this issue has been fixed.
Advanced Patching: Patch job creation schema fixed
In PE 2025.0.0, the patch job creation schema incorrectly used ‘yum_parameters’ rather than ‘yum_params’. This has been fixed in 2025.1.0.
Puppet code status command no longer fails to run
In PE 2021.7.8-2021.7.9, PE 2023.7.0-2023.8.1, and PE 2025.0.0, Puppet code status command failed to run. This issue is fixed in PE 2021.7.10, 2023.8.2 and 2025.1.0.
Security fixes
Addressed the following CVEs:
  • CVE-2025-1094
  • CVE-2025-0306

PE 2025.0.0

Released December 2024

Important: PE 2025 is our new leading-edge PE release stream (also referred to as STS). For important information about upgrading to 2025, see Upgrading Puppet Enterprise.

If you're on the LTS stream (2023.8), you'll find release notes and other information for that series in the 2023.8 documentation.

Customers on 2019.8.z, which is EOL, are encouraged to upgrade to either 2021.7 or 2023.

Note: To access the release notes for the Puppet® platform, including Puppet agent, Puppet Server, Facter, and PuppetDB, see Platform release notes.

New features

Launch of Advanced Patching service
Starting in PE 2025.0.0, if you have the Puppet Enterprise Advanced license, you have access to advanced patching capabilities on the PE console and API. This feature allows users to:
  • Automate patching workflows to ensure a secure infrastructure.
  • Designate when operating systems are patched to ensure as little disruption as possible.
  • Group nodes to effectively patch updates.
  • Create patch groups.
  • Create and define schedules for patch jobs, maintenance windows and blackout windows.
  • Create permissions in RBAC (Role-based access control). This feature includes additional permissions to view, create and edit patching groups, patching maintenance windows, patching blackout windows, and patching jobs.
  • View patch management reports to monitor the patch status across IT infrastructure.
For more information about the Puppet Enterprise Advanced license, see Getting a license.

Platform support

Primary server platforms added
This release adds support for the primary server on the following operating system platforms:
  • Debian 12 (x86_64)

Resolved issues

The toggle_lockless_deploy plan configures the replica in disaster recovery architecture
In PE 2023.8.0 and PE 2021.7.9, the toggle_lockless_deploys plan did not properly switch over a replica in disaster recovery to have lockless deploys because doing so requires updating Hiera data. This is fixed in PE 2025.0.0 and users who have disaster recovery enabled and are toggling lockless deploys no longer need to update their pe.conf after running the plan.
The toggle_lockless_deploy plan runs some actions verbosely, and failures are no longer expected while polling for changes
In PE 2023.8.0 and PE 2021.7.9, the toggle_lockless_deploys plan ran some actions verbosely, and failures were expected while polling for changes. This has been resolved in PE 2025.0.0.
The toggle_lockless_deploy plan supports Ubuntu 18.04
In addition to Ubuntu 20.04 and 22.04, the toggle_lockless_deploys plan supports Ubuntu 18.04 in this release.