Security Announcements
Salt security advisory release - 2025-JUN-12
The Salt Project is announcing the Salt 3006.12 LTS and 3007.4 STS CVE releases. This release addresses 11 CVEs, ranging from low to critical in severity.
Salt 3006.9 LTS is available
The Salt Project is announcing the Salt 3006.9 LTS bugfix release. This bugfix release includes at least one CVE fix (low to medium risk).
Salt security advisory release - 2024-JAN-31
The Salt Project released a security update to Salt to address 2 vulnerabilities with a severity rating of High and Medium. We strongly recommend prioritizing this update. This is a security advisory release.
ATTENTION! Some High and Medium severity vulnerabilities have been discovered in Salt versions 3006.5 and earlier
Some High and Medium severity vulnerabilities have been discovered in Salt versions 3006.5 and earlier. The vulnerabilities are high and medium severity based on the common Vulnerability Scoring System (CVSS).
Salt security advisory release - 2023-OCT-27
The Salt Project released a security update to Salt to address 1 vulnerability with a severity rating of Medium. We strongly recommend prioritizing this update. This is a security advisory release.
ATTENTION! A Medium severity vulnerability has been discovered in Salt versions 3006.3 and earlier
A Medium severity vulnerability has been discovered in Salt versions 3006.3 and earlier. The vulnerability is Medium severity based on the common Vulnerability Scoring System (CVSS).
Salt security advisory release - 2023-AUG-10
The Salt Project released a security update to Salt to address 2 vulnerabilities with a severity rating of Medium. We strongly recommend prioritizing this update. This is a security advisory release.
ATTENTION! Some medium severity vulnerabilities have been discovered in Salt versions 3006.1 and earlier
Some medium severity vulnerabilities have been discovered in Salt versions 3006.1 and earlier. The vulnerabilities are medium severity based on the common Vulnerability Scoring System (CVSS).
Salt security advisory release - 2022-JUNE-21
The Salt Project released a security update to Salt to address 1 vulnerability with severity rating High. If you are using PAM authentication from within Salt, we strongly recommend prioritizing this update. This is a security advisory release. This release includes fixes to the vulnerability and bug fixes from the previous CVE release.