It was discovered that Puppet, a centralized configuration management solution, misgenerated certificates if the "certdnsnames" option was used. This could lead to man in the middle attacks