DO NOT MERGE till 5.5.17 release (15 Oct 2019)

source/facter/3.11/release_notes.md

@@ -6,6 +6,17 @@ title: "Facter release notes"
 These are the new features, resolved issues, and deprecations in this version of Facter. 
 
 
+## Facter 3.11.10
+
+Released 15 October 2019 with Puppet 5.5.17.
+
+### Resolved issues
+
+- Google Compute Engine's internal metadata service is deprecating the v1beta1 endpoint sometime before the end of 2019. To prepare for this, Facter now uses the v1 endpoint instead. [FACT-2018](https://tickets.puppetlabs.com/browse/FACT-2018)
+
+- When Facter starts a mountpoint to get the size and available space, it automatically mounts type `autofs` mountpoints, which is not the intended behavior. Automounts are now skipped by Facter when resolving mountpoints. [FACT-1992](https://tickets.puppetlabs.com/browse/FACT-1992)
+
+
 ## Facter 3.11.9
 
 Released 16 July 2019 with Puppet 5.5.16.

source/puppet-agent/_agent5.x.html

@@ -6,6 +6,7 @@
   </thead>
 
   <tbody>
+  <tr><td><a href="/puppet/5.5/release_notes_agent.html#puppet-agent-5517">5.5.17</a></td> <td><a href="/puppet/5.5/release_notes.html#puppet-5517">5.5.17</a></td> <td><a href="/facter/3.11/release_notes.html#facter-31110">3.11.10</a></td> <td><a href="/puppet/5.5/release_notes.html#puppet-5517">3.4.6</a></td> <td><a href="/mcollective/current/releasenotes.html">2.12.5</a></td> <td>2.4.7</td> <td>1.0.2t</td></tr> 
   <tr><td><a href="/puppet/5.5/release_notes_agent.html#puppet-agent-5516">5.5.16</a></td> <td><a href="/puppet/5.5/release_notes.html#puppet-5516">5.5.16</a></td> <td><a href="/facter/3.11/release_notes.html#facter-3119">3.11.9</a></td> <td><a href="/puppet/5.5/release_notes.html#puppet-5516">3.4.6</a></td> <td><a href="/mcollective/current/releasenotes.html">2.12.4</a></td> <td>2.4.5</td> <td>1.0.2r</td></tr> 
   <tr><td><em>5.5.15</em></td><td>No release this version.</td> <td><em>-</em></td> <td>-</td> <td>-</td> <td>-</td> <td>-</td></tr>
   <tr><td><a href="/puppet/5.5/release_notes_agent.html#puppet-agent-5514">5.5.14</a></td> <td><a href="/puppet/5.5/release_notes.html#puppet-5514">5.5.14</a></td> <td><a href="/facter/3.11/release_notes.html#facter-3118">3.11.8</a></td> <td><a href="/puppet/5.5/release_notes.html#puppet-5514">3.4.6</a></td> <td><a href="/mcollective/current/releasenotes.html">2.12.4</a></td> <td>2.4.5</td> <td>1.0.2r</td></tr> 

source/puppet/5.5/release_notes.markdown

@@ -20,6 +20,52 @@ Read the [Puppet 5.1](../5.1/release_notes.html), [Puppet 5.2](../5.2/release_no
 
 Also of interest: the [Puppet 4.10 release notes](../4.10/release_notes.html) and [Puppet 4.9 release notes](../4.9/release_notes.html).
 
+## Puppet 5.5.17
+
+Released 15 October 2019
+
+This is a bug-fix and new feature release.
+
+### New features
+
+- The `exec` type's `onlyif` and `unless` checks now return redacted output if it is marked sensitive. [PUP-9956](https://tickets.puppetlabs.com/browse/PUP-9956)
+
+- You can now specify `no_proxy` as a Puppet setting, consistent with other `http_proxy_*` Puppet settings. The `NO_PROXY` environment variable takes precedence over the `no_proxy` Puppet setting. [PUP-9316](https://tickets.puppetlabs.com/browse/PUP-9316)
+
+- Installation time on larger modules has been improved. Previously, on platforms that had the minitar gem installed, mintar would fsync every directory and file, causing long extraction times during module installation. Puppet now uses minitar 0.9, with this fsync option turned off by default. [PUP-10013](https://tickets.puppetlabs.com/browse/PUP-10013)
+
+- Puppet can now set Windows service startup type to Auto-Start (Delayed). To set a service to use this setting, set the `enable` parameter of the `service` resource to "delayed". [PUP-6382](https://tickets.puppetlabs.com/browse/PUP-6382)
+
+- When running in daemon mode, Puppet logs the configuration used on agent startup at the debug level. The log is sent to the output specified by the `--logdest` option. Configuration is reloaded and also logged on SIGHUP. [PUP-9754](https://tickets.puppetlabs.com/browse/PUP-9754)
+
+### Resolved issues
+
+- This version upgrades the Ruby version to 2.5.7 to address the following security issues:
+* [CVE-2019-16255](https://www.ruby-lang.org/en/news/2019/10/01/code-injection-shell-test-cve-2019-16255/): A code injection vulnerability of Shell#[] and Shell#test
+* [CVE-2019-16201](https://www.ruby-lang.org/en/news/2019/10/01/webrick-regexp-digestauth-dos-cve-2019-16201/): Regular Expression Denial of Service vulnerability of WEBrick's Digest access authentication
+* [CVE-2019-16254](https://www.ruby-lang.org/en/news/2019/10/01/http-response-splitting-in-webrick-cve-2019-16254/): HTTP response splitting in WEBrick (Additional fix)
+* [CVE-2019-15845](https://www.ruby-lang.org/en/news/2019/10/01/nul-injection-file-fnmatch-cve-2019-15845/): A NUL injection vulnerability of File.fnmatch and File.fnmatch?
+* [RDoc vulnerabilities](https://www.ruby-lang.org/en/news/2019/08/28/multiple-jquery-vulnerabilities-in-rdoc/).
+
+- This version upgrades OpenSSL to 1.0.2t to address CVE-2019-1547, CVE-2019-1549 and CVE-2019-1563. For more details, see the [OpenSSL Security Advisory](https://www.openssl.org/news/secadv/20190910.txt).
+
+- This version includes a security update to curl 7.66.0 to address [CVE-2019-5481](https://curl.haxx.se/docs/CVE-2019-5481.html) and [CVE-2019-5482](https://curl.haxx.se/docs/CVE-2019-5482.html).
+
+- Previously, the `puppet resource --to_yaml` and `puppet device --to_yaml` commands did not generate valid YAML if the output contained special characters such as a single quote. [PUP-7808](https://tickets.puppetlabs.com/browse/PUP-7808)
+
+- Prior to this release, Puppet silently ignored truncated file downloads, such as when using a file resource whose source parameter contained a `puppet://`, `http://`, or `https://` URL. This issue was caused by a Ruby issue and is fixed in this release. [PA-2849](https://tickets.puppetlabs.com/browse/PA-2849)
+
+- The `puppet plugin download` command now reuses HTTPS connections. This significantly speeds up the download process. [PUP-8662](https://tickets.puppetlabs.com/browse/PUP-8662)
+
+- If the agent is configured to use an HTTP proxy, and it attempts to connect to a host that matches an entry in the `NO_PROXY` environment variable, then Puppet connects directly to the host instead of using the proxy. This feature was originally introduced in Puppet 4.2, but it did not work. [PUP-9942](https://tickets.puppetlabs.com/browse/PUP-9942)
+
+- Agents could not connect through an authenticating HTTP proxy when making REST requests to Puppet infrastructure, such as when requesting a catalog. Now agents will observe the `http_proxy_user` and `http_proxy_password` settings or `HTTP_PROXY_USER/PASSWORD` environment variables when making those requests. [PUP-4470](https://tickets.puppetlabs.com/browse/PUP-4470)
+
+- If an HTTP proxy is configured either in Puppet settings or the `HTTP_PROXY_*` environment variables, then Puppet does not use the proxy when connecting to localhost or 127.0.0.1. This behavior can be modified by changing the `no_proxy` setting in puppet.conf or the `NO_PROXY` environment variable. [PUP-2172](https://tickets.puppetlabs.com/browse/PUP-2172)
+
+
+
+
 ## Puppet 5.5.16
 
 Released 16 July 2019