These release notes are for an old release of Salt. This release might contain known security and other issues that are fixed in the latest release.

(release-3006.4)=

Salt 3006.4 release notes¶

Changelog¶

Fix CVE-2023-34049 by ensuring we do not use a predictable name for the script and correctly check returncode of scp command. This only impacts salt-ssh users using the pre-flight option. #cve-2023-34049
Update to gitpython>=3.1.35 due to https://github.com/advisories/GHSA-wfm5-v35h-vwf4 and https://github.com/advisories/GHSA-cwvm-v4w8-q58c #65163
Bump to cryptography==41.0.4 due to https://github.com/advisories/GHSA-v8gr-m533-ghj9 #65268
Upgrade relenv to 0.13.12 to address CVE-2023-4807 #65316
Bump to urllib3==1.26.17 or urllib3==2.0.6 due to https://github.com/advisories/GHSA-v845-jxx5-vc9f #65334
Bump to gitpython==3.1.37 due to https://github.com/advisories/GHSA-cwvm-v4w8-q58c #65383