Comment 4 for bug 1969939

Thanks for the reply Hadmut. We should indeed try to fix the current version we have in Ubuntu while Debian maintainers sort out the update to a newer version.

What you described is indeed one of the issue we have with version 5.5.22-4, in Jammy and Kinetic. I did some investigation in the upstream bug tracker and I found some fixes that we might want to backport to this version:

* PUP-10537 (https://tickets.puppetlabs.com/browse/PUP-10537)

This is the upstream fix for the issue you mentioned. This is the commit: https://github.com/puppetlabs/puppet/commit/6af09225b3b962547a

* PUP-11045 (https://tickets.puppetlabs.com/browse/PUP-11045)

This fix is related to OpenSSL 3 which is the default since Jammy. This is the commit: https://github.com/puppetlabs/puppet/commit/c8ad6590c1860cdc

* PUP-11439 (https://tickets.puppetlabs.com/browse/PUP-11439)

This issue is also related to OpenSSL 3 but it does not have a fix commited. Checking the mentioned file I also found PUP-11082 which needs more careful consideration and it might be worth backporting it. This is the commit: https://github.com/puppetlabs/puppet/commit/78712feb5dd5456

* PUP-11048 (https://tickets.puppetlabs.com/browse/PUP-11048)

This is also related to ruby 3.0 transition. This is the commit: https://github.com/puppetlabs/puppet/commit/93c86d6dc8