These release notes are for an old release of Salt. This release might contain known security and other issues that are fixed in the latest release.

Salt 3005.5 Release Notes¶

Version 3005.5 is a CVE security fix release for 3005.

Security¶

Fix CVE-2024-22231 by preventing directory traversal when creating syndic cache directory on the master.
Fix CVE-2024-22232 Prevent directory traversal attacks in the master's serve_file method.

These vulnerablities were discovered and reported by: Yudi Zhao(Huawei Nebula Security Lab),Chenwei Jiang(Huawei Nebula Security Lab) (#565)

Generated on October 23, 2024 at 09:06:04 UTC.

You are viewing docs built from a recent snapshot of the master branch. Switch to docs for the latest stable release, 3007.1.