Salt Minion STS MSI x64 Version 30.07.8
SALT 3007.8 RELEASE NOTES$$$CHANGELOG$$$FIXED$$$Fixed an issue with the win_network salt.util to select interfaces by name instead of description. #58138$$$$$$Fixes debug logging for master AES and session keys to be consistent across crypt.AsyncAuth._authenticate() and crypt.SAuth.authenticate(). Now differentiates between master key rotation and session key rotation. #68113$$$$$$Fix filedescriptor out of range problem in tcp.py by replacing select.sect() with the higher-level selectors API #68136$$$$$$Fixed loader handling of already loaded modules; thereby fixed an interaction between the x509_v2 state module and any following state having a prereq on a file state #68281$$$$$$Fix potential race conditions an memory usage in zeromq request client tranport. #68297$$$$$$Revert change to store cargo home as a temporary directory #68311$$$$$$Update openssl FIPS provider to 3.1.2 (certified until 2030) #68317$$$$$$ADDED$$$Added the ability to pass the context to pyobjects renderer #68224
Salt Minion LTS MSI x64 Version 30.06.16
SALT 3006.16 RELEASE NOTES$$$CHANGELOG$$$FIXED$$$Fixed an issue with the win_network salt.util to select interfaces by name instead of description. #58138$$$$$$Fixes debug logging for master AES and session keys to be consistent across crypt.AsyncAuth._authenticate() and crypt.SAuth.authenticate(). Now differentiates between master key rotation and session key rotation. #68113$$$$$$Fix potential race conditions an memory usage in zeromq request client tranport. #68297$$$$$$Revert change to store cargo home as a temporary directory #68311$$$$$$Update openssl FIPS provider to 3.1.2 (certified until 2030) #68317$$$$$$ADDED$$$Added the ability to pass the context to pyobjects renderer #68224
Salt Minion STS EXE x64 Version 3007.8
SALT 3007.8 RELEASE NOTES$$$CHANGELOG$$$FIXED$$$Fixed an issue with the win_network salt.util to select interfaces by name instead of description. #58138$$$$$$Fixes debug logging for master AES and session keys to be consistent across crypt.AsyncAuth._authenticate() and crypt.SAuth.authenticate(). Now differentiates between master key rotation and session key rotation. #68113$$$$$$Fix filedescriptor out of range problem in tcp.py by replacing select.sect() with the higher-level selectors API #68136$$$$$$Fixed loader handling of already loaded modules; thereby fixed an interaction between the x509_v2 state module and any following state having a prereq on a file state #68281$$$$$$Fix potential race conditions an memory usage in zeromq request client tranport. #68297$$$$$$Revert change to store cargo home as a temporary directory #68311$$$$$$Update openssl FIPS provider to 3.1.2 (certified until 2030) #68317$$$$$$ADDED$$$Added the ability to pass the context to pyobjects renderer #68224
Salt Minion LTS EXE x64 Version 3006.16
SALT 3006.16 RELEASE NOTES$$$CHANGELOG$$$FIXED$$$Fixed an issue with the win_network salt.util to select interfaces by name instead of description. #58138$$$$$$Fixes debug logging for master AES and session keys to be consistent across crypt.AsyncAuth._authenticate() and crypt.SAuth.authenticate(). Now differentiates between master key rotation and session key rotation. #68113$$$$$$Fix potential race conditions an memory usage in zeromq request client tranport. #68297$$$$$$Revert change to store cargo home as a temporary directory #68311$$$$$$Update openssl FIPS provider to 3.1.2 (certified until 2030) #68317$$$$$$ADDED$$$Added the ability to pass the context to pyobjects renderer #68224
Salt Minion STS MSI x86 Version 30.07.8
SALT 3007.8 RELEASE NOTES$$$CHANGELOG$$$FIXED$$$Fixed an issue with the win_network salt.util to select interfaces by name instead of description. #58138$$$$$$Fixes debug logging for master AES and session keys to be consistent across crypt.AsyncAuth._authenticate() and crypt.SAuth.authenticate(). Now differentiates between master key rotation and session key rotation. #68113$$$$$$Fix filedescriptor out of range problem in tcp.py by replacing select.sect() with the higher-level selectors API #68136$$$$$$Fixed loader handling of already loaded modules; thereby fixed an interaction between the x509_v2 state module and any following state having a prereq on a file state #68281$$$$$$Fix potential race conditions an memory usage in zeromq request client tranport. #68297$$$$$$Revert change to store cargo home as a temporary directory #68311$$$$$$Update openssl FIPS provider to 3.1.2 (certified until 2030) #68317$$$$$$ADDED$$$Added the ability to pass the context to pyobjects renderer #68224
Salt Minion LTS MSI x86 Version 30.06.16
SALT 3006.16 RELEASE NOTES$$$CHANGELOG$$$FIXED$$$Fixed an issue with the win_network salt.util to select interfaces by name instead of description. #58138$$$$$$Fixes debug logging for master AES and session keys to be consistent across crypt.AsyncAuth._authenticate() and crypt.SAuth.authenticate(). Now differentiates between master key rotation and session key rotation. #68113$$$$$$Fix potential race conditions an memory usage in zeromq request client tranport. #68297$$$$$$Revert change to store cargo home as a temporary directory #68311$$$$$$Update openssl FIPS provider to 3.1.2 (certified until 2030) #68317$$$$$$ADDED$$$Added the ability to pass the context to pyobjects renderer #68224
Salt Minion STS EXE x86 Version 3007.8
SALT 3007.8 RELEASE NOTES$$$CHANGELOG$$$FIXED$$$Fixed an issue with the win_network salt.util to select interfaces by name instead of description. #58138$$$$$$Fixes debug logging for master AES and session keys to be consistent across crypt.AsyncAuth._authenticate() and crypt.SAuth.authenticate(). Now differentiates between master key rotation and session key rotation. #68113$$$$$$Fix filedescriptor out of range problem in tcp.py by replacing select.sect() with the higher-level selectors API #68136$$$$$$Fixed loader handling of already loaded modules; thereby fixed an interaction between the x509_v2 state module and any following state having a prereq on a file state #68281$$$$$$Fix potential race conditions an memory usage in zeromq request client tranport. #68297$$$$$$Revert change to store cargo home as a temporary directory #68311$$$$$$Update openssl FIPS provider to 3.1.2 (certified until 2030) #68317$$$$$$ADDED$$$Added the ability to pass the context to pyobjects renderer #68224
Salt Minion LTS EXE x86 Version 3006.16
SALT 3006.16 RELEASE NOTES$$$CHANGELOG$$$FIXED$$$Fixed an issue with the win_network salt.util to select interfaces by name instead of description. #58138$$$$$$Fixes debug logging for master AES and session keys to be consistent across crypt.AsyncAuth._authenticate() and crypt.SAuth.authenticate(). Now differentiates between master key rotation and session key rotation. #68113$$$$$$Fix potential race conditions an memory usage in zeromq request client tranport. #68297$$$$$$Revert change to store cargo home as a temporary directory #68311$$$$$$Update openssl FIPS provider to 3.1.2 (certified until 2030) #68317$$$$$$ADDED$$$Added the ability to pass the context to pyobjects renderer #68224
Salt Version 3007.8
Automation and infrastructure management engine
Salt Version 3007.7
Automation and infrastructure management engine
Salt Minion STS MSI x86 Version 30.07.7
Salt 3007.7 release notes$$$Changelog$$$$$$Changed$$$cmdmod: invoke a shell only with cmd.shell or when using the shell parameter cmdmod: run PowerShell scripts via -File instead of -Command cmdmod: allow passing args as a list for cmd.script cmdmod: return an error when running a bad command with cmd.powershell $$$$$$Fixed$$$Fixes issue with the minion.restart function not working with systemd. Will now detect if the system is using systemd or is a Windows system and use service.restart instead.$$$Fixed max_depth not respected in file.directory state$$$Updated CLI examples in docs to conform to bash syntax. Standardized documentation on Windows modules to Google Style Python Docstrings.$$$Ensure the right HOME environment value is set during Pygit2 remote initialization. $$$Fix sync_renderers failure when the custom renderer is specified via config$$$modules.aptpkg: correct handling of foreign-arch packages$$$Ensure network connections are cleanly closed in ipc and tcp transports $$$cmdmod: fix special character handling on Windows $$$cmdmod: fix quotation handling with Windows and Powershell $$$Fix test mode causing unintended execution when non-boolean values are passed.$$$Fixed ssh_known_hosts.present failure when ssh host keys changed $$$Revert ipc_write_timeout change (3006.13) due to multiple reports of this change causing instability $$$cmdmod: handle cases where the temp script is not removed with cmd.script$$$win_runas: fix output decoding exceptions win_runas: ensure opened handles are closed $$$Fixed MinionManager.stop() to allow processing of minion event bus when called; to allow jobs returns from service.restart salt-minion no_block=True to reach master. $$$grains.disks: fix exception with incompatible output of Get-PhysicalDisk $$$$$$Log a useful error if the minions key is overwritten with bad data; instead of a traceback. $$$$$$win_lgpo_reg only applies user settings to the registry.pol file. It no longer applies those same settings to the user registry. Those settings will be applied to all users the next time they log in. $$$$$$salt.crypt.AsyncAuth and salt.crypt.SAuth read the private key from the filesystem a single time. $$$Modifies systemd_service.{restart;stop} to default to using no_block=True when the service being stopped or restarted is the salt-minion. $$$Upgrade onedir relenv to 0.20.5:$$$Update gdbm from 1.25 to 1.26$$$Update libffi from 3.5.1 to 3.5.2$$$Update readline from 8.2.13 to 8.3$$$Update sqlite from 3.50.2 to 3.50.4$$$Update sqlite on windows from 3.40.1 to 0.35.4 (CVE-2025-6965) $$$Added$$$Added a new force option to pkg.install on Windows to force the installer to run even if the package is already installed $$$win_runas: support cmdmod parameters bg; env; redirect_stderr; timeout$$$Adds support for creating a scheduled job to restart the minion if the initial attempt at restarting it via minion.restart has failed.
Salt Minion LTS MSI x86 Version 30.06.15
Changed$$$cmdmod: invoke a shell only with cmd.shell or when using the shell parameter cmdmod: run PowerShell scripts via -File instead of -Command cmdmod: allow passing args as a list for cmd.script cmdmod: return an error when running a bad command with cmd.powershell $$$$$$Fixed$$$Fixes issue with the minion.restart function not working with systemd. Will now detect if the system is using systemd or is a Windows system and use service.restart instead. $$$$$$Fixed max_depth not respected in file.directory state $$$$$$Updated CLI examples in docs to conform to bash syntax. Standardized documentation on Windows modules to Google Style Python Docstrings. $$$Ensure the right HOME environment value is set during Pygit2 remote initialization.$$$$$$Ensure network connections are cleanly closed in ipc and tcp transports $$$$$$cmdmod: fix special character handling on Windows $$$$$$cmdmod: fix quotation handling with Windows and Powershell $$$$$$Fixed ssh_known_hosts.present failure when ssh host keys changed$$$$$$Revert ipc_write_timeout change (3006.13) due to multiple reports of this change causing instability$$$$$$cmdmod: handle cases where the temp script is not removed with cmd.script$$$$$$Fixed MinionManager.stop() to allow processing of minion event bus when called; to allow jobs returns from service.restart salt-minion no_block=True to reach master. $$$$$$grains.disks: fix exception with incompatible output of Get-PhysicalDisk $$$$$$Log a useful error if the minions key is overwritten with bad data; instead of a traceback.$$$$$$win_lgpo_reg only applies user settings to the registry.pol file. It no longer applies those same settings to the user registry. Those settings will be applied to all users the next time they log in. $$$$$$salt.crypt.AsyncAuth and salt.crypt.SAuth read the private key from the filesystem a single time. $$$$$$Modifies systemd_service.{restart;stop} to default to using no_block=True when the service being stopped or restarted is the salt-minion. $$$$$$Upgrade onedir relenv to 0.20.5:$$$$$$Update gdbm from 1.25 to 1.26$$$$$$Update libffi from 3.5.1 to 3.5.2$$$$$$Update readline from 8.2.13 to 8.3$$$$$$Update sqlite from 3.50.2 to 3.50.4$$$$$$Update sqlite on windows from 3.40.1 to 0.35.4 (CVE-2025-6965)$$$$$$Added$$$Added a new force option to pkg.install on Windows to force the installer to run even if the package is already installed $$$$$$Adds support for creating a scheduled job to restart the minion if the initial attempt at restarting it via minion.restart has failed.
Salt Minion STS MSI x64 Version 30.07.7
Salt 3007.7 release notes$$$Changelog$$$Changed$$$cmdmod: invoke a shell only with cmd.shell or when using the shell parameter cmdmod: run PowerShell scripts via -File instead of -Command cmdmod: allow passing args as a list for cmd.script cmdmod: return an error when running a bad command with cmd.powershell $$$$$$Fixed$$$Fixes issue with the minion.restart function not working with systemd. Will now detect if the system is using systemd or is a Windows system and use service.restart instead.$$$Fixed max_depth not respected in file.directory state$$$Updated CLI examples in docs to conform to bash syntax. Standardized documentation on Windows modules to Google Style Python Docstrings.$$$Ensure the right HOME environment value is set during Pygit2 remote initialization. $$$Fix sync_renderers failure when the custom renderer is specified via config$$$modules.aptpkg: correct handling of foreign-arch packages$$$Ensure network connections are cleanly closed in ipc and tcp transports $$$cmdmod: fix special character handling on Windows $$$cmdmod: fix quotation handling with Windows and Powershell $$$Fix test mode causing unintended execution when non-boolean values are passed.$$$Fixed ssh_known_hosts.present failure when ssh host keys changed $$$Revert ipc_write_timeout change (3006.13) due to multiple reports of this change causing instability $$$cmdmod: handle cases where the temp script is not removed with cmd.script$$$win_runas: fix output decoding exceptions win_runas: ensure opened handles are closed $$$Fixed MinionManager.stop() to allow processing of minion event bus when called; to allow jobs returns from service.restart salt-minion no_block=True to reach master. $$$grains.disks: fix exception with incompatible output of Get-PhysicalDisk $$$$$$Log a useful error if the minions key is overwritten with bad data; instead of a traceback. $$$$$$win_lgpo_reg only applies user settings to the registry.pol file. It no longer applies those same settings to the user registry. Those settings will be applied to all users the next time they log in. $$$$$$salt.crypt.AsyncAuth and salt.crypt.SAuth read the private key from the filesystem a single time. $$$Modifies systemd_service.{restart;stop} to default to using no_block=True when the service being stopped or restarted is the salt-minion. $$$Upgrade onedir relenv to 0.20.5:$$$Update gdbm from 1.25 to 1.26$$$Update libffi from 3.5.1 to 3.5.2$$$Update readline from 8.2.13 to 8.3$$$Update sqlite from 3.50.2 to 3.50.4$$$Update sqlite on windows from 3.40.1 to 0.35.4 (CVE-2025-6965) $$$Added$$$Added a new force option to pkg.install on Windows to force the installer to run even if the package is already installed $$$win_runas: support cmdmod parameters bg; env; redirect_stderr; timeout$$$Adds support for creating a scheduled job to restart the minion if the initial attempt at restarting it via minion.restart has failed.
Salt Minion LTS MSI x64 Version 30.06.15
Changed$$$cmdmod: invoke a shell only with cmd.shell or when using the shell parameter cmdmod: run PowerShell scripts via -File instead of -Command cmdmod: allow passing args as a list for cmd.script cmdmod: return an error when running a bad command with cmd.powershell $$$$$$Fixed$$$Fixes issue with the minion.restart function not working with systemd. Will now detect if the system is using systemd or is a Windows system and use service.restart instead. $$$$$$Fixed max_depth not respected in file.directory state $$$$$$Updated CLI examples in docs to conform to bash syntax. Standardized documentation on Windows modules to Google Style Python Docstrings. $$$Ensure the right HOME environment value is set during Pygit2 remote initialization.$$$$$$Ensure network connections are cleanly closed in ipc and tcp transports $$$$$$cmdmod: fix special character handling on Windows $$$$$$cmdmod: fix quotation handling with Windows and Powershell $$$$$$Fixed ssh_known_hosts.present failure when ssh host keys changed$$$$$$Revert ipc_write_timeout change (3006.13) due to multiple reports of this change causing instability$$$$$$cmdmod: handle cases where the temp script is not removed with cmd.script$$$$$$Fixed MinionManager.stop() to allow processing of minion event bus when called; to allow jobs returns from service.restart salt-minion no_block=True to reach master. $$$$$$grains.disks: fix exception with incompatible output of Get-PhysicalDisk $$$$$$Log a useful error if the minions key is overwritten with bad data; instead of a traceback.$$$$$$win_lgpo_reg only applies user settings to the registry.pol file. It no longer applies those same settings to the user registry. Those settings will be applied to all users the next time they log in. $$$$$$salt.crypt.AsyncAuth and salt.crypt.SAuth read the private key from the filesystem a single time. $$$$$$Modifies systemd_service.{restart;stop} to default to using no_block=True when the service being stopped or restarted is the salt-minion. $$$$$$Upgrade onedir relenv to 0.20.5:$$$$$$Update gdbm from 1.25 to 1.26$$$$$$Update libffi from 3.5.1 to 3.5.2$$$$$$Update readline from 8.2.13 to 8.3$$$$$$Update sqlite from 3.50.2 to 3.50.4$$$$$$Update sqlite on windows from 3.40.1 to 0.35.4 (CVE-2025-6965)$$$$$$Added$$$Added a new force option to pkg.install on Windows to force the installer to run even if the package is already installed $$$$$$Adds support for creating a scheduled job to restart the minion if the initial attempt at restarting it via minion.restart has failed.
Salt Minion STS EXE x86 Version 3007.7
Salt 3007.7 release notes$$$Changelog$$$Changed$$$cmdmod: invoke a shell only with cmd.shell or when using the shell parameter cmdmod: run PowerShell scripts via -File instead of -Command cmdmod: allow passing args as a list for cmd.script cmdmod: return an error when running a bad command with cmd.powershell $$$$$$Fixed$$$Fixes issue with the minion.restart function not working with systemd. Will now detect if the system is using systemd or is a Windows system and use service.restart instead.$$$Fixed max_depth not respected in file.directory state$$$Updated CLI examples in docs to conform to bash syntax. Standardized documentation on Windows modules to Google Style Python Docstrings.$$$Ensure the right HOME environment value is set during Pygit2 remote initialization. $$$Fix sync_renderers failure when the custom renderer is specified via config$$$modules.aptpkg: correct handling of foreign-arch packages$$$Ensure network connections are cleanly closed in ipc and tcp transports $$$cmdmod: fix special character handling on Windows $$$cmdmod: fix quotation handling with Windows and Powershell $$$Fix test mode causing unintended execution when non-boolean values are passed.$$$Fixed ssh_known_hosts.present failure when ssh host keys changed $$$Revert ipc_write_timeout change (3006.13) due to multiple reports of this change causing instability $$$cmdmod: handle cases where the temp script is not removed with cmd.script$$$win_runas: fix output decoding exceptions win_runas: ensure opened handles are closed $$$Fixed MinionManager.stop() to allow processing of minion event bus when called; to allow jobs returns from service.restart salt-minion no_block=True to reach master. $$$grains.disks: fix exception with incompatible output of Get-PhysicalDisk $$$$$$Log a useful error if the minions key is overwritten with bad data; instead of a traceback. $$$$$$win_lgpo_reg only applies user settings to the registry.pol file. It no longer applies those same settings to the user registry. Those settings will be applied to all users the next time they log in. $$$$$$salt.crypt.AsyncAuth and salt.crypt.SAuth read the private key from the filesystem a single time. $$$Modifies systemd_service.{restart;stop} to default to using no_block=True when the service being stopped or restarted is the salt-minion. $$$Upgrade onedir relenv to 0.20.5:$$$Update gdbm from 1.25 to 1.26$$$Update libffi from 3.5.1 to 3.5.2$$$Update readline from 8.2.13 to 8.3$$$Update sqlite from 3.50.2 to 3.50.4$$$Update sqlite on windows from 3.40.1 to 0.35.4 (CVE-2025-6965) $$$Added$$$Added a new force option to pkg.install on Windows to force the installer to run even if the package is already installed $$$win_runas: support cmdmod parameters bg; env; redirect_stderr; timeout$$$Adds support for creating a scheduled job to restart the minion if the initial attempt at restarting it via minion.restart has failed.
Salt Minion STS EXE x64 Version 3007.7
Salt 3007.7 release notes$$$Changelog$$$Changed$$$cmdmod: invoke a shell only with cmd.shell or when using the shell parameter cmdmod: run PowerShell scripts via -File instead of -Command cmdmod: allow passing args as a list for cmd.script cmdmod: return an error when running a bad command with cmd.powershell $$$$$$Fixed$$$Fixes issue with the minion.restart function not working with systemd. Will now detect if the system is using systemd or is a Windows system and use service.restart instead.$$$Fixed max_depth not respected in file.directory state$$$Updated CLI examples in docs to conform to bash syntax. Standardized documentation on Windows modules to Google Style Python Docstrings.$$$Ensure the right HOME environment value is set during Pygit2 remote initialization. $$$Fix sync_renderers failure when the custom renderer is specified via config$$$modules.aptpkg: correct handling of foreign-arch packages$$$Ensure network connections are cleanly closed in ipc and tcp transports $$$cmdmod: fix special character handling on Windows $$$cmdmod: fix quotation handling with Windows and Powershell $$$Fix test mode causing unintended execution when non-boolean values are passed.$$$Fixed ssh_known_hosts.present failure when ssh host keys changed $$$Revert ipc_write_timeout change (3006.13) due to multiple reports of this change causing instability $$$cmdmod: handle cases where the temp script is not removed with cmd.script$$$win_runas: fix output decoding exceptions win_runas: ensure opened handles are closed $$$Fixed MinionManager.stop() to allow processing of minion event bus when called; to allow jobs returns from service.restart salt-minion no_block=True to reach master. $$$grains.disks: fix exception with incompatible output of Get-PhysicalDisk $$$$$$Log a useful error if the minions key is overwritten with bad data; instead of a traceback. $$$$$$win_lgpo_reg only applies user settings to the registry.pol file. It no longer applies those same settings to the user registry. Those settings will be applied to all users the next time they log in. $$$$$$salt.crypt.AsyncAuth and salt.crypt.SAuth read the private key from the filesystem a single time. $$$Modifies systemd_service.{restart;stop} to default to using no_block=True when the service being stopped or restarted is the salt-minion. $$$Upgrade onedir relenv to 0.20.5:$$$Update gdbm from 1.25 to 1.26$$$Update libffi from 3.5.1 to 3.5.2$$$Update readline from 8.2.13 to 8.3$$$Update sqlite from 3.50.2 to 3.50.4$$$Update sqlite on windows from 3.40.1 to 0.35.4 (CVE-2025-6965) $$$Added$$$Added a new force option to pkg.install on Windows to force the installer to run even if the package is already installed $$$win_runas: support cmdmod parameters bg; env; redirect_stderr; timeout$$$Adds support for creating a scheduled job to restart the minion if the initial attempt at restarting it via minion.restart has failed.
Salt Minion STS MSI x86 Version 30.07.7
Salt 3007.7 release notes$$$Changelog$$$$$$Changed$$$cmdmod: invoke a shell only with cmd.shell or when using the shell parameter cmdmod: run PowerShell scripts via -File instead of -Command cmdmod: allow passing args as a list for cmd.script cmdmod: return an error when running a bad command with cmd.powershell $$$$$$Fixed$$$Fixes issue with the minion.restart function not working with systemd. Will now detect if the system is using systemd or is a Windows system and use service.restart instead.$$$Fixed max_depth not respected in file.directory state$$$Updated CLI examples in docs to conform to bash syntax. Standardized documentation on Windows modules to Google Style Python Docstrings.$$$Ensure the right HOME environment value is set during Pygit2 remote initialization. $$$Fix sync_renderers failure when the custom renderer is specified via config$$$modules.aptpkg: correct handling of foreign-arch packages$$$Ensure network connections are cleanly closed in ipc and tcp transports $$$cmdmod: fix special character handling on Windows $$$cmdmod: fix quotation handling with Windows and Powershell $$$Fix test mode causing unintended execution when non-boolean values are passed.$$$Fixed ssh_known_hosts.present failure when ssh host keys changed $$$Revert ipc_write_timeout change (3006.13) due to multiple reports of this change causing instability $$$cmdmod: handle cases where the temp script is not removed with cmd.script$$$win_runas: fix output decoding exceptions win_runas: ensure opened handles are closed $$$Fixed MinionManager.stop() to allow processing of minion event bus when called; to allow jobs returns from service.restart salt-minion no_block=True to reach master. $$$grains.disks: fix exception with incompatible output of Get-PhysicalDisk $$$$$$Log a useful error if the minions key is overwritten with bad data; instead of a traceback. $$$$$$win_lgpo_reg only applies user settings to the registry.pol file. It no longer applies those same settings to the user registry. Those settings will be applied to all users the next time they log in. $$$$$$salt.crypt.AsyncAuth and salt.crypt.SAuth read the private key from the filesystem a single time. $$$Modifies systemd_service.{restart;stop} to default to using no_block=True when the service being stopped or restarted is the salt-minion. $$$Upgrade onedir relenv to 0.20.5:$$$Update gdbm from 1.25 to 1.26$$$Update libffi from 3.5.1 to 3.5.2$$$Update readline from 8.2.13 to 8.3$$$Update sqlite from 3.50.2 to 3.50.4$$$Update sqlite on windows from 3.40.1 to 0.35.4 (CVE-2025-6965) $$$Added$$$Added a new force option to pkg.install on Windows to force the installer to run even if the package is already installed $$$win_runas: support cmdmod parameters bg; env; redirect_stderr; timeout$$$Adds support for creating a scheduled job to restart the minion if the initial attempt at restarting it via minion.restart has failed.
Salt Minion LTS MSI x86 Version 30.06.15
Changed$$$cmdmod: invoke a shell only with cmd.shell or when using the shell parameter cmdmod: run PowerShell scripts via -File instead of -Command cmdmod: allow passing args as a list for cmd.script cmdmod: return an error when running a bad command with cmd.powershell $$$$$$Fixed$$$Fixes issue with the minion.restart function not working with systemd. Will now detect if the system is using systemd or is a Windows system and use service.restart instead. $$$$$$Fixed max_depth not respected in file.directory state $$$$$$Updated CLI examples in docs to conform to bash syntax. Standardized documentation on Windows modules to Google Style Python Docstrings. $$$Ensure the right HOME environment value is set during Pygit2 remote initialization.$$$$$$Ensure network connections are cleanly closed in ipc and tcp transports $$$$$$cmdmod: fix special character handling on Windows $$$$$$cmdmod: fix quotation handling with Windows and Powershell $$$$$$Fixed ssh_known_hosts.present failure when ssh host keys changed$$$$$$Revert ipc_write_timeout change (3006.13) due to multiple reports of this change causing instability$$$$$$cmdmod: handle cases where the temp script is not removed with cmd.script$$$$$$Fixed MinionManager.stop() to allow processing of minion event bus when called; to allow jobs returns from service.restart salt-minion no_block=True to reach master. $$$$$$grains.disks: fix exception with incompatible output of Get-PhysicalDisk $$$$$$Log a useful error if the minions key is overwritten with bad data; instead of a traceback.$$$$$$win_lgpo_reg only applies user settings to the registry.pol file. It no longer applies those same settings to the user registry. Those settings will be applied to all users the next time they log in. $$$$$$salt.crypt.AsyncAuth and salt.crypt.SAuth read the private key from the filesystem a single time. $$$$$$Modifies systemd_service.{restart;stop} to default to using no_block=True when the service being stopped or restarted is the salt-minion. $$$$$$Upgrade onedir relenv to 0.20.5:$$$$$$Update gdbm from 1.25 to 1.26$$$$$$Update libffi from 3.5.1 to 3.5.2$$$$$$Update readline from 8.2.13 to 8.3$$$$$$Update sqlite from 3.50.2 to 3.50.4$$$$$$Update sqlite on windows from 3.40.1 to 0.35.4 (CVE-2025-6965)$$$$$$Added$$$Added a new force option to pkg.install on Windows to force the installer to run even if the package is already installed $$$$$$Adds support for creating a scheduled job to restart the minion if the initial attempt at restarting it via minion.restart has failed.
Salt Minion STS MSI x64 Version 30.07.7
Salt 3007.7 release notes$$$Changelog$$$Changed$$$cmdmod: invoke a shell only with cmd.shell or when using the shell parameter cmdmod: run PowerShell scripts via -File instead of -Command cmdmod: allow passing args as a list for cmd.script cmdmod: return an error when running a bad command with cmd.powershell $$$$$$Fixed$$$Fixes issue with the minion.restart function not working with systemd. Will now detect if the system is using systemd or is a Windows system and use service.restart instead.$$$Fixed max_depth not respected in file.directory state$$$Updated CLI examples in docs to conform to bash syntax. Standardized documentation on Windows modules to Google Style Python Docstrings.$$$Ensure the right HOME environment value is set during Pygit2 remote initialization. $$$Fix sync_renderers failure when the custom renderer is specified via config$$$modules.aptpkg: correct handling of foreign-arch packages$$$Ensure network connections are cleanly closed in ipc and tcp transports $$$cmdmod: fix special character handling on Windows $$$cmdmod: fix quotation handling with Windows and Powershell $$$Fix test mode causing unintended execution when non-boolean values are passed.$$$Fixed ssh_known_hosts.present failure when ssh host keys changed $$$Revert ipc_write_timeout change (3006.13) due to multiple reports of this change causing instability $$$cmdmod: handle cases where the temp script is not removed with cmd.script$$$win_runas: fix output decoding exceptions win_runas: ensure opened handles are closed $$$Fixed MinionManager.stop() to allow processing of minion event bus when called; to allow jobs returns from service.restart salt-minion no_block=True to reach master. $$$grains.disks: fix exception with incompatible output of Get-PhysicalDisk $$$$$$Log a useful error if the minions key is overwritten with bad data; instead of a traceback. $$$$$$win_lgpo_reg only applies user settings to the registry.pol file. It no longer applies those same settings to the user registry. Those settings will be applied to all users the next time they log in. $$$$$$salt.crypt.AsyncAuth and salt.crypt.SAuth read the private key from the filesystem a single time. $$$Modifies systemd_service.{restart;stop} to default to using no_block=True when the service being stopped or restarted is the salt-minion. $$$Upgrade onedir relenv to 0.20.5:$$$Update gdbm from 1.25 to 1.26$$$Update libffi from 3.5.1 to 3.5.2$$$Update readline from 8.2.13 to 8.3$$$Update sqlite from 3.50.2 to 3.50.4$$$Update sqlite on windows from 3.40.1 to 0.35.4 (CVE-2025-6965) $$$Added$$$Added a new force option to pkg.install on Windows to force the installer to run even if the package is already installed $$$win_runas: support cmdmod parameters bg; env; redirect_stderr; timeout$$$Adds support for creating a scheduled job to restart the minion if the initial attempt at restarting it via minion.restart has failed.
Salt Minion LTS MSI x64 Version 30.06.15
Changed$$$cmdmod: invoke a shell only with cmd.shell or when using the shell parameter cmdmod: run PowerShell scripts via -File instead of -Command cmdmod: allow passing args as a list for cmd.script cmdmod: return an error when running a bad command with cmd.powershell $$$$$$Fixed$$$Fixes issue with the minion.restart function not working with systemd. Will now detect if the system is using systemd or is a Windows system and use service.restart instead. $$$$$$Fixed max_depth not respected in file.directory state $$$$$$Updated CLI examples in docs to conform to bash syntax. Standardized documentation on Windows modules to Google Style Python Docstrings. $$$Ensure the right HOME environment value is set during Pygit2 remote initialization.$$$$$$Ensure network connections are cleanly closed in ipc and tcp transports $$$$$$cmdmod: fix special character handling on Windows $$$$$$cmdmod: fix quotation handling with Windows and Powershell $$$$$$Fixed ssh_known_hosts.present failure when ssh host keys changed$$$$$$Revert ipc_write_timeout change (3006.13) due to multiple reports of this change causing instability$$$$$$cmdmod: handle cases where the temp script is not removed with cmd.script$$$$$$Fixed MinionManager.stop() to allow processing of minion event bus when called; to allow jobs returns from service.restart salt-minion no_block=True to reach master. $$$$$$grains.disks: fix exception with incompatible output of Get-PhysicalDisk $$$$$$Log a useful error if the minions key is overwritten with bad data; instead of a traceback.$$$$$$win_lgpo_reg only applies user settings to the registry.pol file. It no longer applies those same settings to the user registry. Those settings will be applied to all users the next time they log in. $$$$$$salt.crypt.AsyncAuth and salt.crypt.SAuth read the private key from the filesystem a single time. $$$$$$Modifies systemd_service.{restart;stop} to default to using no_block=True when the service being stopped or restarted is the salt-minion. $$$$$$Upgrade onedir relenv to 0.20.5:$$$$$$Update gdbm from 1.25 to 1.26$$$$$$Update libffi from 3.5.1 to 3.5.2$$$$$$Update readline from 8.2.13 to 8.3$$$$$$Update sqlite from 3.50.2 to 3.50.4$$$$$$Update sqlite on windows from 3.40.1 to 0.35.4 (CVE-2025-6965)$$$$$$Added$$$Added a new force option to pkg.install on Windows to force the installer to run even if the package is already installed $$$$$$Adds support for creating a scheduled job to restart the minion if the initial attempt at restarting it via minion.restart has failed.
Salt Minion STS EXE x86 Version 3007.7
Salt 3007.7 release notes$$$Changelog$$$Changed$$$cmdmod: invoke a shell only with cmd.shell or when using the shell parameter cmdmod: run PowerShell scripts via -File instead of -Command cmdmod: allow passing args as a list for cmd.script cmdmod: return an error when running a bad command with cmd.powershell $$$$$$Fixed$$$Fixes issue with the minion.restart function not working with systemd. Will now detect if the system is using systemd or is a Windows system and use service.restart instead.$$$Fixed max_depth not respected in file.directory state$$$Updated CLI examples in docs to conform to bash syntax. Standardized documentation on Windows modules to Google Style Python Docstrings.$$$Ensure the right HOME environment value is set during Pygit2 remote initialization. $$$Fix sync_renderers failure when the custom renderer is specified via config$$$modules.aptpkg: correct handling of foreign-arch packages$$$Ensure network connections are cleanly closed in ipc and tcp transports $$$cmdmod: fix special character handling on Windows $$$cmdmod: fix quotation handling with Windows and Powershell $$$Fix test mode causing unintended execution when non-boolean values are passed.$$$Fixed ssh_known_hosts.present failure when ssh host keys changed $$$Revert ipc_write_timeout change (3006.13) due to multiple reports of this change causing instability $$$cmdmod: handle cases where the temp script is not removed with cmd.script$$$win_runas: fix output decoding exceptions win_runas: ensure opened handles are closed $$$Fixed MinionManager.stop() to allow processing of minion event bus when called; to allow jobs returns from service.restart salt-minion no_block=True to reach master. $$$grains.disks: fix exception with incompatible output of Get-PhysicalDisk $$$$$$Log a useful error if the minions key is overwritten with bad data; instead of a traceback. $$$$$$win_lgpo_reg only applies user settings to the registry.pol file. It no longer applies those same settings to the user registry. Those settings will be applied to all users the next time they log in. $$$$$$salt.crypt.AsyncAuth and salt.crypt.SAuth read the private key from the filesystem a single time. $$$Modifies systemd_service.{restart;stop} to default to using no_block=True when the service being stopped or restarted is the salt-minion. $$$Upgrade onedir relenv to 0.20.5:$$$Update gdbm from 1.25 to 1.26$$$Update libffi from 3.5.1 to 3.5.2$$$Update readline from 8.2.13 to 8.3$$$Update sqlite from 3.50.2 to 3.50.4$$$Update sqlite on windows from 3.40.1 to 0.35.4 (CVE-2025-6965) $$$Added$$$Added a new force option to pkg.install on Windows to force the installer to run even if the package is already installed $$$win_runas: support cmdmod parameters bg; env; redirect_stderr; timeout$$$Adds support for creating a scheduled job to restart the minion if the initial attempt at restarting it via minion.restart has failed.
Salt Minion STS EXE x64 Version 3007.7
Salt 3007.7 release notes$$$Changelog$$$Changed$$$cmdmod: invoke a shell only with cmd.shell or when using the shell parameter cmdmod: run PowerShell scripts via -File instead of -Command cmdmod: allow passing args as a list for cmd.script cmdmod: return an error when running a bad command with cmd.powershell $$$$$$Fixed$$$Fixes issue with the minion.restart function not working with systemd. Will now detect if the system is using systemd or is a Windows system and use service.restart instead.$$$Fixed max_depth not respected in file.directory state$$$Updated CLI examples in docs to conform to bash syntax. Standardized documentation on Windows modules to Google Style Python Docstrings.$$$Ensure the right HOME environment value is set during Pygit2 remote initialization. $$$Fix sync_renderers failure when the custom renderer is specified via config$$$modules.aptpkg: correct handling of foreign-arch packages$$$Ensure network connections are cleanly closed in ipc and tcp transports $$$cmdmod: fix special character handling on Windows $$$cmdmod: fix quotation handling with Windows and Powershell $$$Fix test mode causing unintended execution when non-boolean values are passed.$$$Fixed ssh_known_hosts.present failure when ssh host keys changed $$$Revert ipc_write_timeout change (3006.13) due to multiple reports of this change causing instability $$$cmdmod: handle cases where the temp script is not removed with cmd.script$$$win_runas: fix output decoding exceptions win_runas: ensure opened handles are closed $$$Fixed MinionManager.stop() to allow processing of minion event bus when called; to allow jobs returns from service.restart salt-minion no_block=True to reach master. $$$grains.disks: fix exception with incompatible output of Get-PhysicalDisk $$$$$$Log a useful error if the minions key is overwritten with bad data; instead of a traceback. $$$$$$win_lgpo_reg only applies user settings to the registry.pol file. It no longer applies those same settings to the user registry. Those settings will be applied to all users the next time they log in. $$$$$$salt.crypt.AsyncAuth and salt.crypt.SAuth read the private key from the filesystem a single time. $$$Modifies systemd_service.{restart;stop} to default to using no_block=True when the service being stopped or restarted is the salt-minion. $$$Upgrade onedir relenv to 0.20.5:$$$Update gdbm from 1.25 to 1.26$$$Update libffi from 3.5.1 to 3.5.2$$$Update readline from 8.2.13 to 8.3$$$Update sqlite from 3.50.2 to 3.50.4$$$Update sqlite on windows from 3.40.1 to 0.35.4 (CVE-2025-6965) $$$Added$$$Added a new force option to pkg.install on Windows to force the installer to run even if the package is already installed $$$win_runas: support cmdmod parameters bg; env; redirect_stderr; timeout$$$Adds support for creating a scheduled job to restart the minion if the initial attempt at restarting it via minion.restart has failed.
Salt Minion LTS EXE x86 Version 3006.15
Salt 3006.15 release notes$$$Changelog$$$Changed$$$cmdmod: invoke a shell only with cmd.shell or when using the shell parameter cmdmod: run PowerShell scripts via -File instead of -Command cmdmod: allow passing args as a list for cmd.script cmdmod: return an error when running a bad command with cmd.powershell $$$$$$Fixed$$$Fixes issue with the minion.restart function not working with systemd. Will now detect if the system is using systemd or is a Windows system and use service.restart instead. $$$$$$Fixed max_depth not respected in file.directory state $$$$$$Updated CLI examples in docs to conform to bash syntax. Standardized documentation on Windows modules to Google Style Python Docstrings. $$$Ensure the right HOME environment value is set during Pygit2 remote initialization.$$$$$$Ensure network connections are cleanly closed in ipc and tcp transports $$$$$$cmdmod: fix special character handling on Windows $$$$$$cmdmod: fix quotation handling with Windows and Powershell $$$$$$Fixed ssh_known_hosts.present failure when ssh host keys changed$$$$$$Revert ipc_write_timeout change (3006.13) due to multiple reports of this change causing instability$$$$$$cmdmod: handle cases where the temp script is not removed with cmd.script$$$$$$Fixed MinionManager.stop() to allow processing of minion event bus when called; to allow jobs returns from service.restart salt-minion no_block=True to reach master. $$$$$$grains.disks: fix exception with incompatible output of Get-PhysicalDisk $$$$$$Log a useful error if the minions key is overwritten with bad data; instead of a traceback.$$$$$$win_lgpo_reg only applies user settings to the registry.pol file. It no longer applies those same settings to the user registry. Those settings will be applied to all users the next time they log in. $$$$$$salt.crypt.AsyncAuth and salt.crypt.SAuth read the private key from the filesystem a single time. $$$$$$Modifies systemd_service.{restart;stop} to default to using no_block=True when the service being stopped or restarted is the salt-minion. $$$$$$Upgrade onedir relenv to 0.20.5:$$$$$$Update gdbm from 1.25 to 1.26$$$$$$Update libffi from 3.5.1 to 3.5.2$$$$$$Update readline from 8.2.13 to 8.3$$$$$$Update sqlite from 3.50.2 to 3.50.4$$$$$$Update sqlite on windows from 3.40.1 to 0.35.4 (CVE-2025-6965)$$$$$$Added$$$Added a new force option to pkg.install on Windows to force the installer to run even if the package is already installed $$$$$$Adds support for creating a scheduled job to restart the minion if the initial attempt at restarting it via minion.restart has failed.
Salt Minion LTS EXE x64 Version 3006.15
Salt 3006.15 release notes$$$Changelog$$$Changed$$$cmdmod: invoke a shell only with cmd.shell or when using the shell parameter cmdmod: run PowerShell scripts via -File instead of -Command cmdmod: allow passing args as a list for cmd.script cmdmod: return an error when running a bad command with cmd.powershell $$$$$$Fixed$$$Fixes issue with the minion.restart function not working with systemd. Will now detect if the system is using systemd or is a Windows system and use service.restart instead. $$$$$$Fixed max_depth not respected in file.directory state $$$$$$Updated CLI examples in docs to conform to bash syntax. Standardized documentation on Windows modules to Google Style Python Docstrings. $$$Ensure the right HOME environment value is set during Pygit2 remote initialization.$$$$$$Ensure network connections are cleanly closed in ipc and tcp transports $$$$$$cmdmod: fix special character handling on Windows $$$$$$cmdmod: fix quotation handling with Windows and Powershell $$$$$$Fixed ssh_known_hosts.present failure when ssh host keys changed$$$$$$Revert ipc_write_timeout change (3006.13) due to multiple reports of this change causing instability$$$$$$cmdmod: handle cases where the temp script is not removed with cmd.script$$$$$$Fixed MinionManager.stop() to allow processing of minion event bus when called; to allow jobs returns from service.restart salt-minion no_block=True to reach master. $$$$$$grains.disks: fix exception with incompatible output of Get-PhysicalDisk $$$$$$Log a useful error if the minions key is overwritten with bad data; instead of a traceback.$$$$$$win_lgpo_reg only applies user settings to the registry.pol file. It no longer applies those same settings to the user registry. Those settings will be applied to all users the next time they log in. $$$$$$salt.crypt.AsyncAuth and salt.crypt.SAuth read the private key from the filesystem a single time. $$$$$$Modifies systemd_service.{restart;stop} to default to using no_block=True when the service being stopped or restarted is the salt-minion. $$$$$$Upgrade onedir relenv to 0.20.5:$$$$$$Update gdbm from 1.25 to 1.26$$$$$$Update libffi from 3.5.1 to 3.5.2$$$$$$Update readline from 8.2.13 to 8.3$$$$$$Update sqlite from 3.50.2 to 3.50.4$$$$$$Update sqlite on windows from 3.40.1 to 0.35.4 (CVE-2025-6965)$$$$$$Added$$$Added a new force option to pkg.install on Windows to force the installer to run even if the package is already installed $$$$$$Adds support for creating a scheduled job to restart the minion if the initial attempt at restarting it via minion.restart has failed.
Salt Minion LTS EXE x86 Version 3006.15
Salt 3006.15 release notes$$$Changelog$$$Changed$$$cmdmod: invoke a shell only with cmd.shell or when using the shell parameter cmdmod: run PowerShell scripts via -File instead of -Command cmdmod: allow passing args as a list for cmd.script cmdmod: return an error when running a bad command with cmd.powershell $$$$$$Fixed$$$Fixes issue with the minion.restart function not working with systemd. Will now detect if the system is using systemd or is a Windows system and use service.restart instead. $$$$$$Fixed max_depth not respected in file.directory state $$$$$$Updated CLI examples in docs to conform to bash syntax. Standardized documentation on Windows modules to Google Style Python Docstrings. $$$Ensure the right HOME environment value is set during Pygit2 remote initialization.$$$$$$Ensure network connections are cleanly closed in ipc and tcp transports $$$$$$cmdmod: fix special character handling on Windows $$$$$$cmdmod: fix quotation handling with Windows and Powershell $$$$$$Fixed ssh_known_hosts.present failure when ssh host keys changed$$$$$$Revert ipc_write_timeout change (3006.13) due to multiple reports of this change causing instability$$$$$$cmdmod: handle cases where the temp script is not removed with cmd.script$$$$$$Fixed MinionManager.stop() to allow processing of minion event bus when called; to allow jobs returns from service.restart salt-minion no_block=True to reach master. $$$$$$grains.disks: fix exception with incompatible output of Get-PhysicalDisk $$$$$$Log a useful error if the minions key is overwritten with bad data; instead of a traceback.$$$$$$win_lgpo_reg only applies user settings to the registry.pol file. It no longer applies those same settings to the user registry. Those settings will be applied to all users the next time they log in. $$$$$$salt.crypt.AsyncAuth and salt.crypt.SAuth read the private key from the filesystem a single time. $$$$$$Modifies systemd_service.{restart;stop} to default to using no_block=True when the service being stopped or restarted is the salt-minion. $$$$$$Upgrade onedir relenv to 0.20.5:$$$$$$Update gdbm from 1.25 to 1.26$$$$$$Update libffi from 3.5.1 to 3.5.2$$$$$$Update readline from 8.2.13 to 8.3$$$$$$Update sqlite from 3.50.2 to 3.50.4$$$$$$Update sqlite on windows from 3.40.1 to 0.35.4 (CVE-2025-6965)$$$$$$Added$$$Added a new force option to pkg.install on Windows to force the installer to run even if the package is already installed $$$$$$Adds support for creating a scheduled job to restart the minion if the initial attempt at restarting it via minion.restart has failed.
Salt Minion LTS EXE x64 Version 3006.15
Salt 3006.15 release notes$$$Changelog$$$Changed$$$cmdmod: invoke a shell only with cmd.shell or when using the shell parameter cmdmod: run PowerShell scripts via -File instead of -Command cmdmod: allow passing args as a list for cmd.script cmdmod: return an error when running a bad command with cmd.powershell $$$$$$Fixed$$$Fixes issue with the minion.restart function not working with systemd. Will now detect if the system is using systemd or is a Windows system and use service.restart instead. $$$$$$Fixed max_depth not respected in file.directory state $$$$$$Updated CLI examples in docs to conform to bash syntax. Standardized documentation on Windows modules to Google Style Python Docstrings. $$$Ensure the right HOME environment value is set during Pygit2 remote initialization.$$$$$$Ensure network connections are cleanly closed in ipc and tcp transports $$$$$$cmdmod: fix special character handling on Windows $$$$$$cmdmod: fix quotation handling with Windows and Powershell $$$$$$Fixed ssh_known_hosts.present failure when ssh host keys changed$$$$$$Revert ipc_write_timeout change (3006.13) due to multiple reports of this change causing instability$$$$$$cmdmod: handle cases where the temp script is not removed with cmd.script$$$$$$Fixed MinionManager.stop() to allow processing of minion event bus when called; to allow jobs returns from service.restart salt-minion no_block=True to reach master. $$$$$$grains.disks: fix exception with incompatible output of Get-PhysicalDisk $$$$$$Log a useful error if the minions key is overwritten with bad data; instead of a traceback.$$$$$$win_lgpo_reg only applies user settings to the registry.pol file. It no longer applies those same settings to the user registry. Those settings will be applied to all users the next time they log in. $$$$$$salt.crypt.AsyncAuth and salt.crypt.SAuth read the private key from the filesystem a single time. $$$$$$Modifies systemd_service.{restart;stop} to default to using no_block=True when the service being stopped or restarted is the salt-minion. $$$$$$Upgrade onedir relenv to 0.20.5:$$$$$$Update gdbm from 1.25 to 1.26$$$$$$Update libffi from 3.5.1 to 3.5.2$$$$$$Update readline from 8.2.13 to 8.3$$$$$$Update sqlite from 3.50.2 to 3.50.4$$$$$$Update sqlite on windows from 3.40.1 to 0.35.4 (CVE-2025-6965)$$$$$$Added$$$Added a new force option to pkg.install on Windows to force the installer to run even if the package is already installed $$$$$$Adds support for creating a scheduled job to restart the minion if the initial attempt at restarting it via minion.restart has failed.
Salt Version 3007.6
Automation and infrastructure management engine
Salt Minion STS MSI x64 Version 30.07.6
Salt 3007.6 release notes$$$Changelog$$$Fixed$$$Onedir packages include relenv 0.19.4.$$$$$$Update sqlite to 3500200$$$$$$Update libffi to 3.5.1$$$$$$Update python 3.13 to 3.13.5$$$$$$Load default openssl modules when no system openssl binary exists #68014$$$$$$pkgrepo.managed not applying changes / account for name attr being part of the state #68107$$$$$$Fix test mode causing unintended execution when non-boolean values are passed. #68121
Salt Minion STS MSI x86 Version 30.07.6
Salt 3007.6 release notes$$$Changelog$$$Fixed$$$Onedir packages include relenv 0.19.4.$$$$$$Update sqlite to 3500200$$$$$$Update libffi to 3.5.1$$$$$$Update python 3.13 to 3.13.5$$$$$$Load default openssl modules when no system openssl binary exists #68014$$$$$$pkgrepo.managed not applying changes / account for name attr being part of the state #68107$$$$$$Fix test mode causing unintended execution when non-boolean values are passed. #68121
Salt Minion STS EXE x64 Version 3007.6
Salt 3007.6 release notes$$$Changelog$$$Fixed$$$Onedir packages include relenv 0.19.4.$$$$$$Update sqlite to 3500200$$$$$$Update libffi to 3.5.1$$$$$$Update python 3.13 to 3.13.5$$$$$$Load default openssl modules when no system openssl binary exists #68014$$$$$$pkgrepo.managed not applying changes / account for name attr being part of the state #68107$$$$$$Fix test mode causing unintended execution when non-boolean values are passed. #68121
Salt Minion STS MSI x64 Version 30.07.6
Salt 3007.6 release notes$$$Changelog$$$Fixed$$$Onedir packages include relenv 0.19.4.$$$$$$Update sqlite to 3500200$$$$$$Update libffi to 3.5.1$$$$$$Update python 3.13 to 3.13.5$$$$$$Load default openssl modules when no system openssl binary exists #68014$$$$$$pkgrepo.managed not applying changes / account for name attr being part of the state #68107$$$$$$Fix test mode causing unintended execution when non-boolean values are passed. #68121
Salt Minion STS MSI x86 Version 30.07.6
Salt 3007.6 release notes$$$Changelog$$$Fixed$$$Onedir packages include relenv 0.19.4.$$$$$$Update sqlite to 3500200$$$$$$Update libffi to 3.5.1$$$$$$Update python 3.13 to 3.13.5$$$$$$Load default openssl modules when no system openssl binary exists #68014$$$$$$pkgrepo.managed not applying changes / account for name attr being part of the state #68107$$$$$$Fix test mode causing unintended execution when non-boolean values are passed. #68121
Salt Minion STS EXE x64 Version 3007.6
Salt 3007.6 release notes$$$Changelog$$$Fixed$$$Onedir packages include relenv 0.19.4.$$$$$$Update sqlite to 3500200$$$$$$Update libffi to 3.5.1$$$$$$Update python 3.13 to 3.13.5$$$$$$Load default openssl modules when no system openssl binary exists #68014$$$$$$pkgrepo.managed not applying changes / account for name attr being part of the state #68107$$$$$$Fix test mode causing unintended execution when non-boolean values are passed. #68121
Salt Minion LTS EXE x86 Version 3006.13
Salt Minion LTS EXE x64 Version 3006.13
Salt Minion LTS MSI x86 Version 30.06.13
Salt Minion LTS MSI x64 Version 30.06.13
Salt Minion STS EXE x64 Version 3007.5
(release-3007.5)=$$$$$$Salt 3007.5 release notes$$$Changelog$$$Fixed$$$Zeromq RequestServer continues to serve requests after encountering an un-handled exception #66519$$$$$$Added support for icmpv6-type to salt.modules.nftables #67882
Salt Minion STS MSI x86 Version 30.07.5
(release-3007.5)=$$$$$$Salt 3007.5 release notes$$$Changelog$$$Fixed$$$Zeromq RequestServer continues to serve requests after encountering an un-handled exception #66519$$$$$$Added support for icmpv6-type to salt.modules.nftables #67882
Salt Minion STS MSI x64 Version 30.07.5
(release-3007.5)=$$$$$$Salt 3007.5 release notes$$$Changelog$$$Fixed$$$Zeromq RequestServer continues to serve requests after encountering an un-handled exception #66519$$$$$$Added support for icmpv6-type to salt.modules.nftables #67882
Salt Minion LTS EXE x86 Version 3006.13
Salt Minion LTS EXE x64 Version 3006.13
Salt Minion LTS MSI x86 Version 30.06.13
Salt Minion LTS MSI x64 Version 30.06.13
Salt Minion STS EXE x64 Version 3007.5
(release-3007.5)=$$$$$$Salt 3007.5 release notes$$$Changelog$$$Fixed$$$Zeromq RequestServer continues to serve requests after encountering an un-handled exception #66519$$$$$$Added support for icmpv6-type to salt.modules.nftables #67882
Salt Minion STS MSI x86 Version 30.07.5
(release-3007.5)=$$$$$$Salt 3007.5 release notes$$$Changelog$$$Fixed$$$Zeromq RequestServer continues to serve requests after encountering an un-handled exception #66519$$$$$$Added support for icmpv6-type to salt.modules.nftables #67882
Salt Minion STS MSI x64 Version 30.07.5
(release-3007.5)=$$$$$$Salt 3007.5 release notes$$$Changelog$$$Fixed$$$Zeromq RequestServer continues to serve requests after encountering an un-handled exception #66519$$$$$$Added support for icmpv6-type to salt.modules.nftables #67882
Salt Minion STS MSI x86 Version 30.07.4
Salt 3007.4 release notes$$$Changelog$$$Fixed$$$CVE-2024-38822 Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion can impersonate another minion.$$$$$$CVSS 2.7 V:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38823 Salts request server is vulnerable to replay attacks when not using a TLS encrypted transport.$$$$$$CVSS Score 2.7 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38824 Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory.$$$$$$CVSS Score 9.6 AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N$$$$$$CVE-2024-38825 The salt.auth.pki module does not properly authenticate callers. The password field contains a public certificate which is validated against a CA certificate by the module. This is not pki authentication; as the caller does not need access to the corresponding private key for the authentication attempt to be accepted.$$$$$$CVSS Score 6.4 AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N$$$$$$CVE-2025-22236 Minion event bus authorization bypass. An attacker with access to a minion key can craft a message which may be able to execute a job on other minions (>= 3007.0).$$$$$$CVSS 8.1 AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
Salt Minion STS MSI x64 Version 30.07.4
Salt 3007.4 release notes$$$Changelog$$$Fixed$$$CVE-2024-38822 Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion can impersonate another minion.$$$$$$CVSS 2.7 V:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38823 Salts request server is vulnerable to replay attacks when not using a TLS encrypted transport.$$$$$$CVSS Score 2.7 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38824 Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory.
Salt Minion STS MSI x86 Version 30.07.4
Salt 3007.4 release notes$$$Changelog$$$Fixed$$$CVE-2024-38822 Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion can impersonate another minion.$$$$$$CVSS 2.7 V:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38823 Salts request server is vulnerable to replay attacks when not using a TLS encrypted transport.$$$$$$CVSS Score 2.7 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38824 Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory.$$$$$$CVSS Score 9.6 AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N$$$$$$CVE-2024-38825 The salt.auth.pki module does not properly authenticate callers. The password field contains a public certificate which is validated against a CA certificate by the module. This is not pki authentication; as the caller does not need access to the corresponding private key for the authentication attempt to be accepted.$$$$$$CVSS Score 6.4 AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N$$$$$$CVE-2025-22236 Minion event bus authorization bypass. An attacker with access to a minion key can craft a message which may be able to execute a job on other minions (>= 3007.0).$$$$$$CVSS 8.1 AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
Salt Minion STS MSI x64 Version 30.07.4
Salt 3007.4 release notes$$$Changelog$$$Fixed$$$CVE-2024-38822 Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion can impersonate another minion.$$$$$$CVSS 2.7 V:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38823 Salts request server is vulnerable to replay attacks when not using a TLS encrypted transport.$$$$$$CVSS Score 2.7 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38824 Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory.
Salt Minion STS MSI x86 Version 30.07.4
Salt 3007.4 release notes$$$Changelog$$$Fixed$$$CVE-2024-38822 Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion can impersonate another minion.$$$$$$CVSS 2.7 V:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38823 Salts request server is vulnerable to replay attacks when not using a TLS encrypted transport.$$$$$$CVSS Score 2.7 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38824 Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory.$$$$$$CVSS Score 9.6 AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N$$$$$$CVE-2024-38825 The salt.auth.pki module does not properly authenticate callers. The password field contains a public certificate which is validated against a CA certificate by the module. This is not pki authentication; as the caller does not need access to the corresponding private key for the authentication attempt to be accepted.$$$$$$CVSS Score 6.4 AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N$$$$$$CVE-2025-22236 Minion event bus authorization bypass. An attacker with access to a minion key can craft a message which may be able to execute a job on other minions (>= 3007.0).$$$$$$CVSS 8.1 AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
Salt Minion STS MSI x64 Version 30.07.4
Salt 3007.4 release notes$$$Changelog$$$Fixed$$$CVE-2024-38822 Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion can impersonate another minion.$$$$$$CVSS 2.7 V:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38823 Salts request server is vulnerable to replay attacks when not using a TLS encrypted transport.$$$$$$CVSS Score 2.7 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38824 Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory.
Salt Minion STS EXE x64 Version 3007.4
Fixed$$$CVE-2024-38822 Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion can impersonate another minion.$$$$$$CVSS 2.7 V:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38823 Salts request server is vulnerable to replay attacks when not using a TLS encrypted transport.$$$$$$CVSS Score 2.7 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38824 Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory.$$$$$$CVSS Score 9.6 AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N$$$$$$CVE-2024-38825 The salt.auth.pki module does not properly authenticate callers. The password field contains a public certificate which is validated against a CA certificate by the module. This is not pki authentication; as the caller does not need access to the corresponding private key for the authentication attempt to be accepted.
Salt Minion LTS EXE x86 Version 3006.12
Salt Minion LTS EXE x64 Version 3006.12
Salt Minion STS EXE x64 Version 3007.4
Fixed$$$CVE-2024-38822 Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion can impersonate another minion.$$$$$$CVSS 2.7 V:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38823 Salts request server is vulnerable to replay attacks when not using a TLS encrypted transport.$$$$$$CVSS Score 2.7 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38824 Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory.$$$$$$CVSS Score 9.6 AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N$$$$$$CVE-2024-38825 The salt.auth.pki module does not properly authenticate callers. The password field contains a public certificate which is validated against a CA certificate by the module. This is not pki authentication; as the caller does not need access to the corresponding private key for the authentication attempt to be accepted.
Salt Minion LTS MSI x86 Version 30.06.12
Salt Minion LTS MSI x64 Version 30.06.12
Salt Minion LTS EXE x86 Version 3006.12
Salt Minion LTS EXE x64 Version 3006.12
Salt Minion STS EXE x64 Version 3007.4
Fixed$$$CVE-2024-38822 Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion can impersonate another minion.$$$$$$CVSS 2.7 V:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38823 Salts request server is vulnerable to replay attacks when not using a TLS encrypted transport.$$$$$$CVSS Score 2.7 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38824 Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory.$$$$$$CVSS Score 9.6 AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N$$$$$$CVE-2024-38825 The salt.auth.pki module does not properly authenticate callers. The password field contains a public certificate which is validated against a CA certificate by the module. This is not pki authentication; as the caller does not need access to the corresponding private key for the authentication attempt to be accepted.
Salt Minion LTS MSI x86 Version 30.06.12
Salt Minion LTS MSI x64 Version 30.06.12
Salt Minion STS EXE x86 Version 3007.3
Salt 3007.3 release notes$$$Changelog$$$Added$$$Added the ability to configure the cluster event port and added documentation for it #66627
Salt Minion STS MSI x86 Version 30.07.3
Salt 3007.3 release notes$$$Changelog$$$Added$$$Added the ability to configure the cluster event port and added documentation for it #66627
Salt Minion STS MSI x64 Version 30.07.3
Salt 3007.3 release notes$$$Changelog$$$Added$$$Added the ability to configure the cluster event port and added documentation for it #66627
Salt Minion STS EXE x64 Version 3007.3
Salt 3007.3 release notes$$$Changelog$$$Added$$$Added the ability to configure the cluster event port and added documentation for it #66627
Salt Minion LTS MSI x86 Version 30.06.11
Salt Minion LTS MSI x64 Version 30.06.11
Salt Minion LTS EXE x86 Version 3006.11
Salt Minion LTS EXE x64 Version 3006.11
Salt Minion STS EXE x86 Version 3007.2
Salt Minion STS EXE x64 Version 3007.2
Salt Minion STS MSI x86 Version 30.07.2
Salt Minion STS MSI x64 Version 30.07.2
Not updated by vendor$$$https://github.com/saltstack/salt/releases/tag/v3007.2
Salt Minion LTS MSI x86 Version 30.06.10
Salt 3006.10 release notes$$$Changelog$$$Removed$$$Remove psutil_compat.py file; which should have been removed when RHEL 6 EOL #66467$$$$$$Removed dependency on bsdmainutils package for Debian and Ubuntu #67184$$$$$$Deprecated$$$Drop Arch Linux support #66886$$$$$$Removed support for end of life Python 3.7 and 3.8 from pre-commit and requirements #67729$$$$$$Fixed$$$Commands on Windows are now prefixed with cmd /c so that compound commands (commands separated by &&) run properly when using runas #44736$$$$$$Issue 58969: Fixes an issue with saltclass.expand_classes_in_order function where it was losing nested classes states during class expansion. The logic now use salt.utils.odict.OrderedDict to keep the inclusion ordering. #58969$$$$$$Fix issue with RunAs on Windows so that usernames of all numeric characters are handled as strings #59344$$$$$$Fixed an issue on Windows where checking success_retcodes when using the runas parameter would fail. Now success_retcodes are checked correctly #59977$$$$$$Fix an issue with cmd.script in Windows so that the exit code from a script will be passed through to the retcode of the state #60884$$$$$$Fixed an issue uninstalling packages on Windows using pkg.removed where there are multiple versions of the same software installed #61001$$$$$$Ensure file clients for runner; wheel; local and caller are available from the client_cache if called upon. #61416$$$$$$Convert stdin string to bytes regardless of stdin_raw_newlines #62501$$$$$$Issue 63933: Fixes an issue with saltclass.expanded_dict_from_minion function where it was passing a reference to minion dict which was overridden by nested classes during class expansion. Copy the node definition with copy.deepcopy instead of passing a reference. #63933$$$$$$Fixed an intermittent issue with file.recurse where the state would report failure even on success. Makes sure symlinks are created after the target file is created #64630$$$$$$The profile outputter does not crash with incorrectly formatted data #65104$$$$$$Updating version comparison for rpm and removed obsolete comparison methods for rpms #65443$$$$$$Fix batch mode hang indefinitely in some scenarios #66249$$$$$$Applying selinux.fcontext_policy_present to a shorter path than an existing entry now works #66252$$$$$$Correct bash-completion for Debian / Ubuntu #66560$$$$$$Fix minion config option startup_states #66592$$$$$$Fixed an issue with cmd.run with requirements when the shell is not the default #66596$$$$$$Fixes an issue when getting account names using the get_name function in the win_dacl.py salt util. Capability SIDs return None. SIDs for deleted accounts return the SID. SIDs for domain accounts where the system is not connected to the domain return the SID. #66637$$$$$$Fixed an issue where status.master wasnt detecting a connection to the specified master properly #66716$$$$$$Fixed win_wua.available when some of the update objects are empty CDispatch objects. The available function no longer crashes #66718$$$$$$Clean up multiprocessing file handles on minion #66726$$$$$$Fixed nacl.keygen for not yet existing sk_file or pk_file #66772$$$$$$fix yaml output #66783$$$$$$Fixed an issue where enabling grain_opts in the minion config would cause some core grains to be overwritten. #66784$$$$$$Fix an issue where files created using salt.utils.atomicile.atomic_open() were created with restrictive permissions instead of respecting the umask. #66786$$$$$$Fix bad async_method name on AsyncPubClient class #66789$$$$$$Ensure Manjaro ARM reports the correct os_family of Arch. #66796$$$$$$Removed salt.utils.data.decode usage from the fileserver. This function was necessary to support Python 2. This speeds up loading the list cache by 80-90x. #66835$$$$$$Issue 66837: Fixes an issue with the network.local_port_tcp function where it was not parsing the IPv4 mapped IPv6 address correctly. The ::ffff: is now removed and only the IP address is returned. #66837$$$$$$Better handling output of systemctl --version with salt.grains.core._systemd #66856$$$$$$Upgrade relenv to 0.
Salt Minion LTS MSI x64 Version 30.06.10
Salt 3006.10 release notes$$$Changelog$$$Removed$$$Remove psutil_compat.py file; which should have been removed when RHEL 6 EOL #66467$$$$$$Removed dependency on bsdmainutils package for Debian and Ubuntu #67184$$$$$$Deprecated$$$Drop Arch Linux support #66886$$$$$$Removed support for end of life Python 3.7 and 3.8 from pre-commit and requirements #67729$$$$$$Fixed$$$Commands on Windows are now prefixed with cmd /c so that compound commands (commands separated by &&) run properly when using runas #44736$$$$$$Issue 58969: Fixes an issue with saltclass.expand_classes_in_order function where it was losing nested classes states during class expansion. The logic now use salt.utils.odict.OrderedDict to keep the inclusion ordering. #58969$$$$$$Fix issue with RunAs on Windows so that usernames of all numeric characters are handled as strings #59344$$$$$$Fixed an issue on Windows where checking success_retcodes when using the runas parameter would fail. Now success_retcodes are checked correctly #59977$$$$$$Fix an issue with cmd.script in Windows so that the exit code from a script will be passed through to the retcode of the state #60884$$$$$$Fixed an issue uninstalling packages on Windows using pkg.removed where there are multiple versions of the same software installed #61001$$$$$$Ensure file clients for runner; wheel; local and caller are available from the client_cache if called upon. #61416$$$$$$Convert stdin string to bytes regardless of stdin_raw_newlines #62501$$$$$$Issue 63933: Fixes an issue with saltclass.expanded_dict_from_minion function where it was passing a reference to minion dict which was overridden by nested classes during class expansion. Copy the node definition with copy.deepcopy instead of passing a reference. #63933$$$$$$Fixed an intermittent issue with file.recurse where the state would report failure even on success. Makes sure symlinks are created after the target file is created #64630$$$$$$The profile outputter does not crash with incorrectly formatted data #65104$$$$$$Updating version comparison for rpm and removed obsolete comparison methods for rpms #65443$$$$$$Fix batch mode hang indefinitely in some scenarios #66249$$$$$$Applying selinux.fcontext_policy_present to a shorter path than an existing entry now works #66252$$$$$$Correct bash-completion for Debian / Ubuntu #66560$$$$$$Fix minion config option startup_states #66592$$$$$$Fixed an issue with cmd.run with requirements when the shell is not the default #66596$$$$$$Fixes an issue when getting account names using the get_name function in the win_dacl.py salt util. Capability SIDs return None. SIDs for deleted accounts return the SID. SIDs for domain accounts where the system is not connected to the domain return the SID. #66637$$$$$$Fixed an issue where status.master wasnt detecting a connection to the specified master properly #66716$$$$$$Fixed win_wua.available when some of the update objects are empty CDispatch objects. The available function no longer crashes #66718$$$$$$Clean up multiprocessing file handles on minion #66726$$$$$$Fixed nacl.keygen for not yet existing sk_file or pk_file #66772$$$$$$fix yaml output #66783$$$$$$Fixed an issue where enabling grain_opts in the minion config would cause some core grains to be overwritten. #66784$$$$$$Fix an issue where files created using salt.utils.atomicile.atomic_open() were created with restrictive permissions instead of respecting the umask. #66786$$$$$$Fix bad async_method name on AsyncPubClient class #66789$$$$$$Ensure Manjaro ARM reports the correct os_family of Arch. #66796$$$$$$Removed salt.utils.data.decode usage from the fileserver. This function was necessary to support Python 2. This speeds up loading the list cache by 80-90x. #66835$$$$$$Issue 66837: Fixes an issue with the network.local_port_tcp function where it was not parsing the IPv4 mapped IPv6 address correctly. The ::ffff: is now removed and only the IP address is returned. #66837$$$$$$Better handling output of systemctl --version with salt.grains.core._systemd #66856$$$$$$Upgrade relenv to 0.
Salt Minion LTS EXE x86 Version 3006.10
Salt 3006.10 release notes$$$Changelog$$$Removed$$$Remove psutil_compat.py file; which should have been removed when RHEL 6 EOL #66467$$$$$$Removed dependency on bsdmainutils package for Debian and Ubuntu #67184$$$$$$Deprecated$$$Drop Arch Linux support #66886$$$$$$Removed support for end of life Python 3.7 and 3.8 from pre-commit and requirements #67729$$$$$$Fixed$$$Commands on Windows are now prefixed with cmd /c so that compound commands (commands separated by &&) run properly when using runas #44736$$$$$$Issue 58969: Fixes an issue with saltclass.expand_classes_in_order function where it was losing nested classes states during class expansion. The logic now use salt.utils.odict.OrderedDict to keep the inclusion ordering. #58969$$$$$$Fix issue with RunAs on Windows so that usernames of all numeric characters are handled as strings #59344$$$$$$Fixed an issue on Windows where checking success_retcodes when using the runas parameter would fail. Now success_retcodes are checked correctly #59977$$$$$$Fix an issue with cmd.script in Windows so that the exit code from a script will be passed through to the retcode of the state #60884$$$$$$Fixed an issue uninstalling packages on Windows using pkg.removed where there are multiple versions of the same software installed #61001$$$$$$Ensure file clients for runner; wheel; local and caller are available from the client_cache if called upon. #61416$$$$$$Convert stdin string to bytes regardless of stdin_raw_newlines #62501$$$$$$Issue 63933: Fixes an issue with saltclass.expanded_dict_from_minion function where it was passing a reference to minion dict which was overridden by nested classes during class expansion. Copy the node definition with copy.deepcopy instead of passing a reference. #63933$$$$$$Fixed an intermittent issue with file.recurse where the state would report failure even on success. Makes sure symlinks are created after the target file is created #64630$$$$$$The profile outputter does not crash with incorrectly formatted data #65104$$$$$$Updating version comparison for rpm and removed obsolete comparison methods for rpms #65443$$$$$$Fix batch mode hang indefinitely in some scenarios #66249$$$$$$Applying selinux.fcontext_policy_present to a shorter path than an existing entry now works #66252$$$$$$Correct bash-completion for Debian / Ubuntu #66560$$$$$$Fix minion config option startup_states #66592$$$$$$Fixed an issue with cmd.run with requirements when the shell is not the default #66596$$$$$$Fixes an issue when getting account names using the get_name function in the win_dacl.py salt util. Capability SIDs return None. SIDs for deleted accounts return the SID. SIDs for domain accounts where the system is not connected to the domain return the SID. #66637$$$$$$Fixed an issue where status.master wasnt detecting a connection to the specified master properly #66716$$$$$$Fixed win_wua.available when some of the update objects are empty CDispatch objects. The available function no longer crashes #66718$$$$$$Clean up multiprocessing file handles on minion #66726$$$$$$Fixed nacl.keygen for not yet existing sk_file or pk_file #66772$$$$$$fix yaml output #66783$$$$$$Fixed an issue where enabling grain_opts in the minion config would cause some core grains to be overwritten. #66784$$$$$$Fix an issue where files created using salt.utils.atomicile.atomic_open() were created with restrictive permissions instead of respecting the umask. #66786$$$$$$Fix bad async_method name on AsyncPubClient class #66789$$$$$$Ensure Manjaro ARM reports the correct os_family of Arch. #66796$$$$$$Removed salt.utils.data.decode usage from the fileserver. This function was necessary to support Python 2. This speeds up loading the list cache by 80-90x. #66835$$$$$$Issue 66837: Fixes an issue with the network.local_port_tcp function where it was not parsing the IPv4 mapped IPv6 address correctly. The ::ffff: is now removed and only the IP address is returned. #66837$$$$$$Better handling output of systemctl --version with salt.grains.core._systemd #66856$$$$$$Upgrade relenv to 0.
Salt Minion LTS EXE x64 Version 3006.10
Salt 3006.10 release notes$$$Changelog$$$Removed$$$Remove psutil_compat.py file; which should have been removed when RHEL 6 EOL #66467$$$$$$Removed dependency on bsdmainutils package for Debian and Ubuntu #67184$$$$$$Deprecated$$$Drop Arch Linux support #66886$$$$$$Removed support for end of life Python 3.7 and 3.8 from pre-commit and requirements #67729$$$$$$Fixed$$$Commands on Windows are now prefixed with cmd /c so that compound commands (commands separated by &&) run properly when using runas #44736$$$$$$Issue 58969: Fixes an issue with saltclass.expand_classes_in_order function where it was losing nested classes states during class expansion. The logic now use salt.utils.odict.OrderedDict to keep the inclusion ordering. #58969$$$$$$Fix issue with RunAs on Windows so that usernames of all numeric characters are handled as strings #59344$$$$$$Fixed an issue on Windows where checking success_retcodes when using the runas parameter would fail. Now success_retcodes are checked correctly #59977$$$$$$Fix an issue with cmd.script in Windows so that the exit code from a script will be passed through to the retcode of the state #60884$$$$$$Fixed an issue uninstalling packages on Windows using pkg.removed where there are multiple versions of the same software installed #61001$$$$$$Ensure file clients for runner; wheel; local and caller are available from the client_cache if called upon. #61416$$$$$$Convert stdin string to bytes regardless of stdin_raw_newlines #62501$$$$$$Issue 63933: Fixes an issue with saltclass.expanded_dict_from_minion function where it was passing a reference to minion dict which was overridden by nested classes during class expansion. Copy the node definition with copy.deepcopy instead of passing a reference. #63933$$$$$$Fixed an intermittent issue with file.recurse where the state would report failure even on success. Makes sure symlinks are created after the target file is created #64630$$$$$$The profile outputter does not crash with incorrectly formatted data #65104$$$$$$Updating version comparison for rpm and removed obsolete comparison methods for rpms #65443$$$$$$Fix batch mode hang indefinitely in some scenarios #66249$$$$$$Applying selinux.fcontext_policy_present to a shorter path than an existing entry now works #66252$$$$$$Correct bash-completion for Debian / Ubuntu #66560$$$$$$Fix minion config option startup_states #66592$$$$$$Fixed an issue with cmd.run with requirements when the shell is not the default #66596$$$$$$Fixes an issue when getting account names using the get_name function in the win_dacl.py salt util. Capability SIDs return None. SIDs for deleted accounts return the SID. SIDs for domain accounts where the system is not connected to the domain return the SID. #66637$$$$$$Fixed an issue where status.master wasnt detecting a connection to the specified master properly #66716$$$$$$Fixed win_wua.available when some of the update objects are empty CDispatch objects. The available function no longer crashes #66718$$$$$$Clean up multiprocessing file handles on minion #66726$$$$$$Fixed nacl.keygen for not yet existing sk_file or pk_file #66772$$$$$$fix yaml output #66783$$$$$$Fixed an issue where enabling grain_opts in the minion config would cause some core grains to be overwritten. #66784$$$$$$Fix an issue where files created using salt.utils.atomicile.atomic_open() were created with restrictive permissions instead of respecting the umask. #66786$$$$$$Fix bad async_method name on AsyncPubClient class #66789$$$$$$Ensure Manjaro ARM reports the correct os_family of Arch. #66796$$$$$$Removed salt.utils.data.decode usage from the fileserver. This function was necessary to support Python 2. This speeds up loading the list cache by 80-90x. #66835$$$$$$Issue 66837: Fixes an issue with the network.local_port_tcp function where it was not parsing the IPv4 mapped IPv6 address correctly. The ::ffff: is now removed and only the IP address is returned. #66837$$$$$$Better handling output of systemctl --version with salt.grains.core._systemd #66856$$$$$$Upgrade relenv to 0.
Salt Version 3007.1
Automation and infrastructure management engine
Salt Minion LTS MSI x86 Version 30.06.9
Salt 3006.9 release notes$$$Changelog$$$Deprecated$$$Drop CentOS 7 support #66623$$$$$$No longer build RPM packages with CentOS Stream 9 #66624$$$$$$Fixed$$$Made slsutil.renderer work with salt-ssh #50196$$$$$$Fixed defaults.merge is not available when using salt-ssh #51605$$$$$$Fixed config.get does not support merge option with salt-ssh #56441$$$$$$Update to include croniter in pkg requirements #57649$$$$$$Fixed state.test does not work with salt-ssh #61100$$$$$$Made slsutil.findup work with salt-ssh #61143$$$$$$Fixes multiple issues with the cmd module on Windows. Scripts are called using the -File parameter to the powershell binary. CLIXML data in stderr is now removed (only applies to encoded commands). Commands can now be sent to cmd.powershell as a list. Makes sure JSON data returned is valid. Strips whitespace from the return when using runas. #61166$$$$$$Fixed the win_lgpo_netsh salt util to handle non-English systems. This was a rewrite to use PowerShell instead of netsh to make the changes on the system #61534$$$$$$file.replace and file.search work properly with /proc files #63102$$$$$$Fix utf8 handling in pass renderer #64300$$$$$$Fixed incorrect version argument will be ignored for multiple package targets warning when using pkgs argument to yumpkg module. #64563$$$$$$salt-cloud honors root_dir config setting for log_file location and fixes for root_dir locations on windows. #64728$$$$$$Fixed slsutil.update with salt-ssh during template rendering #65067$$$$$$Fix config.items when called on minion #65251$$$$$$Ensure on rpm and deb systems; that user and group for existing Salt; is maintained on upgrade #65264$$$$$$Fix typo in nftables module to ensure unique nft family values #65295$$$$$$pkg.installed state aggregate does not honors requires requisite #65304$$$$$$Added SSH wrapper for logmod #65630$$$$$$Fix for GitFS failure to unlock lock file; and resource cleanup for process SIGTERM #65816$$$$$$Corrected x509_v2 CRL creation last_update and next_update values when system timezone is not UTC #65837$$$$$$Make sure the root minion process handles SIGUSR1 and emits a traceback like its child processes #66095$$$$$$Replaced pyvenv with builtin venv for virtualenv_mod #66132$$$$$$Made file.managed skip download of a remote source if the managed file already exists with the correct hash #66342$$$$$$Fix win_task ExecutionTimeLimit and result/error code interpretation #66347; #66441$$$$$$Fixed nftables.build_rule breaks ipv6 rules by using the wrong syntax for source and destination addresses #66382$$$$$$Fixed x509_v2 certificate.managed crash for locally signed certificates if the signing policy defines signing_private_key #66414$$$$$$Fixed parallel state execution with Salt-SSH #66514$$$$$$Fix support for FIPS approved encryption and signing algorithms. #66579$$$$$$Fix relative file_roots paths #66588$$$$$$Fixed an issue with cmd.run with requirements when the shell is not the default #66596$$$$$$Fix RPM package provides #66604$$$$$$Upgrade relAenv to 0.16.1. This release fixes several package installs for salt-pip #66632$$$$$$Upgrade relenv to 0.17.0 (https://github.com/saltstack/relenv/blob/v0.17.0/CHANGELOG.md) #66663$$$$$$Upgrade dependencies due to security issues:$$$$$$pymysql>=1.1.1$$$$$$requests>=2.32.0$$$$$$docker>=7.1.0 #66666$$$$$$Corrected missed line in branch 3006.x when backporting from PR 61620 and 65044 #66683$$$$$$Remove debug output from shell scripts for packaging #66747$$$$$$Added$$$Add Ubuntu 24.04 support #66180$$$$$$Add Fedora 40 support; replacing Fedora 39 #66300$$$$$$Build RPM packages with Rocky Linux 9 (instead of CentOS Stream 9) #66624$$$$$$Security$$$Bump to jinja2==3.1.4 due to https://github.com/advisories/GHSA-h75v-3vvj-5mfj #66488$$$$$$CVE-2024-37088 salt-call will fail with exit code 1 if bad pillar data is encountered. #66702
Salt Minion LTS MSI x64 Version 30.06.9
Salt 3006.9 release notes$$$Changelog$$$Deprecated$$$Drop CentOS 7 support #66623$$$$$$No longer build RPM packages with CentOS Stream 9 #66624$$$$$$Fixed$$$Made slsutil.renderer work with salt-ssh #50196$$$$$$Fixed defaults.merge is not available when using salt-ssh #51605$$$$$$Fixed config.get does not support merge option with salt-ssh #56441$$$$$$Update to include croniter in pkg requirements #57649$$$$$$Fixed state.test does not work with salt-ssh #61100$$$$$$Made slsutil.findup work with salt-ssh #61143$$$$$$Fixes multiple issues with the cmd module on Windows. Scripts are called using the -File parameter to the powershell binary. CLIXML data in stderr is now removed (only applies to encoded commands). Commands can now be sent to cmd.powershell as a list. Makes sure JSON data returned is valid. Strips whitespace from the return when using runas. #61166$$$$$$Fixed the win_lgpo_netsh salt util to handle non-English systems. This was a rewrite to use PowerShell instead of netsh to make the changes on the system #61534$$$$$$file.replace and file.search work properly with /proc files #63102$$$$$$Fix utf8 handling in pass renderer #64300$$$$$$Fixed incorrect version argument will be ignored for multiple package targets warning when using pkgs argument to yumpkg module. #64563$$$$$$salt-cloud honors root_dir config setting for log_file location and fixes for root_dir locations on windows. #64728$$$$$$Fixed slsutil.update with salt-ssh during template rendering #65067$$$$$$Fix config.items when called on minion #65251$$$$$$Ensure on rpm and deb systems; that user and group for existing Salt; is maintained on upgrade #65264$$$$$$Fix typo in nftables module to ensure unique nft family values #65295$$$$$$pkg.installed state aggregate does not honors requires requisite #65304$$$$$$Added SSH wrapper for logmod #65630$$$$$$Fix for GitFS failure to unlock lock file; and resource cleanup for process SIGTERM #65816$$$$$$Corrected x509_v2 CRL creation last_update and next_update values when system timezone is not UTC #65837$$$$$$Make sure the root minion process handles SIGUSR1 and emits a traceback like its child processes #66095$$$$$$Replaced pyvenv with builtin venv for virtualenv_mod #66132$$$$$$Made file.managed skip download of a remote source if the managed file already exists with the correct hash #66342$$$$$$Fix win_task ExecutionTimeLimit and result/error code interpretation #66347; #66441$$$$$$Fixed nftables.build_rule breaks ipv6 rules by using the wrong syntax for source and destination addresses #66382$$$$$$Fixed x509_v2 certificate.managed crash for locally signed certificates if the signing policy defines signing_private_key #66414$$$$$$Fixed parallel state execution with Salt-SSH #66514$$$$$$Fix support for FIPS approved encryption and signing algorithms. #66579$$$$$$Fix relative file_roots paths #66588$$$$$$Fixed an issue with cmd.run with requirements when the shell is not the default #66596$$$$$$Fix RPM package provides #66604$$$$$$Upgrade relAenv to 0.16.1. This release fixes several package installs for salt-pip #66632$$$$$$Upgrade relenv to 0.17.0 (https://github.com/saltstack/relenv/blob/v0.17.0/CHANGELOG.md) #66663$$$$$$Upgrade dependencies due to security issues:$$$$$$pymysql>=1.1.1$$$$$$requests>=2.32.0$$$$$$docker>=7.1.0 #66666$$$$$$Corrected missed line in branch 3006.x when backporting from PR 61620 and 65044 #66683$$$$$$Remove debug output from shell scripts for packaging #66747$$$$$$Added$$$Add Ubuntu 24.04 support #66180$$$$$$Add Fedora 40 support; replacing Fedora 39 #66300$$$$$$Build RPM packages with Rocky Linux 9 (instead of CentOS Stream 9) #66624$$$$$$Security$$$Bump to jinja2==3.1.4 due to https://github.com/advisories/GHSA-h75v-3vvj-5mfj #66488$$$$$$CVE-2024-37088 salt-call will fail with exit code 1 if bad pillar data is encountered. #66702
Salt Minion LTS EXE x86 Version 3006.9
Changelog$$$Deprecated$$$Drop CentOS 7 support #66623$$$$$$No longer build RPM packages with CentOS Stream 9 #66624$$$$$$Fixed$$$Made slsutil.renderer work with salt-ssh #50196$$$$$$Fixed defaults.merge is not available when using salt-ssh #51605$$$$$$Fixed config.get does not support merge option with salt-ssh #56441$$$$$$Update to include croniter in pkg requirements #57649$$$$$$Fixed state.test does not work with salt-ssh #61100$$$$$$Made slsutil.findup work with salt-ssh #61143$$$$$$Fixes multiple issues with the cmd module on Windows. Scripts are called using the -File parameter to the powershell binary. CLIXML data in stderr is now removed (only applies to encoded commands). Commands can now be sent to cmd.powershell as a list. Makes sure JSON data returned is valid. Strips whitespace from the return when using runas. #61166$$$$$$Fixed the win_lgpo_netsh salt util to handle non-English systems. This was a rewrite to use PowerShell instead of netsh to make the changes on the system #61534$$$$$$file.replace and file.search work properly with /proc files #63102$$$$$$Fix utf8 handling in pass renderer #64300$$$$$$Fixed incorrect version argument will be ignored for multiple package targets warning when using pkgs argument to yumpkg module. #64563$$$$$$salt-cloud honors root_dir config setting for log_file location and fixes for root_dir locations on windows. #64728$$$$$$Fixed slsutil.update with salt-ssh during template rendering #65067$$$$$$Fix config.items when called on minion #65251$$$$$$Ensure on rpm and deb systems; that user and group for existing Salt; is maintained on upgrade #65264$$$$$$Fix typo in nftables module to ensure unique nft family values #65295$$$$$$pkg.installed state aggregate does not honors requires requisite #65304$$$$$$Added SSH wrapper for logmod #65630$$$$$$Fix for GitFS failure to unlock lock file; and resource cleanup for process SIGTERM #65816$$$$$$Corrected x509_v2 CRL creation last_update and next_update values when system timezone is not UTC #65837$$$$$$Make sure the root minion process handles SIGUSR1 and emits a traceback like its child processes #66095$$$$$$Replaced pyvenv with builtin venv for virtualenv_mod #66132$$$$$$Made file.managed skip download of a remote source if the managed file already exists with the correct hash #66342$$$$$$Fix win_task ExecutionTimeLimit and result/error code interpretation #66347; #66441$$$$$$Fixed nftables.build_rule breaks ipv6 rules by using the wrong syntax for source and destination addresses #66382$$$$$$Fixed x509_v2 certificate.managed crash for locally signed certificates if the signing policy defines signing_private_key #66414$$$$$$Fixed parallel state execution with Salt-SSH #66514$$$$$$Fix support for FIPS approved encryption and signing algorithms. #66579$$$$$$Fix relative file_roots paths #66588$$$$$$Fixed an issue with cmd.run with requirements when the shell is not the default #66596$$$$$$Fix RPM package provides #66604$$$$$$Upgrade relAenv to 0.16.1. This release fixes several package installs for salt-pip #66632$$$$$$Upgrade relenv to 0.17.0 (https://github.com/saltstack/relenv/blob/v0.17.0/CHANGELOG.md) #66663$$$$$$Upgrade dependencies due to security issues:$$$$$$pymysql>=1.1.1$$$$$$requests>=2.32.0$$$$$$docker>=7.1.0 #66666$$$$$$Corrected missed line in branch 3006.x when backporting from PR 61620 and 65044 #66683$$$$$$Remove debug output from shell scripts for packaging #66747$$$$$$Added$$$Add Ubuntu 24.04 support #66180$$$$$$Add Fedora 40 support; replacing Fedora 39 #66300$$$$$$Build RPM packages with Rocky Linux 9 (instead of CentOS Stream 9) #66624$$$$$$Security$$$Bump to jinja2==3.1.4 due to https://github.com/advisories/GHSA-h75v-3vvj-5mfj #66488$$$$$$CVE-2024-37088 salt-call will fail with exit code 1 if bad pillar data is encountered. #66702
Salt Minion LTS EXE x64 Version 3006.9
Salt 3006.9 release notes$$$Changelog$$$Deprecated$$$Drop CentOS 7 support #66623$$$$$$No longer build RPM packages with CentOS Stream 9 #66624$$$$$$Fixed$$$Made slsutil.renderer work with salt-ssh #50196$$$$$$Fixed defaults.merge is not available when using salt-ssh #51605$$$$$$Fixed config.get does not support merge option with salt-ssh #56441$$$$$$Update to include croniter in pkg requirements #57649$$$$$$Fixed state.test does not work with salt-ssh #61100$$$$$$Made slsutil.findup work with salt-ssh #61143$$$$$$Fixes multiple issues with the cmd module on Windows. Scripts are called using the -File parameter to the powershell binary. CLIXML data in stderr is now removed (only applies to encoded commands). Commands can now be sent to cmd.powershell as a list. Makes sure JSON data returned is valid. Strips whitespace from the return when using runas. #61166$$$$$$Fixed the win_lgpo_netsh salt util to handle non-English systems. This was a rewrite to use PowerShell instead of netsh to make the changes on the system #61534$$$$$$file.replace and file.search work properly with /proc files #63102$$$$$$Fix utf8 handling in pass renderer #64300$$$$$$Fixed incorrect version argument will be ignored for multiple package targets warning when using pkgs argument to yumpkg module. #64563$$$$$$salt-cloud honors root_dir config setting for log_file location and fixes for root_dir locations on windows. #64728$$$$$$Fixed slsutil.update with salt-ssh during template rendering #65067$$$$$$Fix config.items when called on minion #65251$$$$$$Ensure on rpm and deb systems; that user and group for existing Salt; is maintained on upgrade #65264$$$$$$Fix typo in nftables module to ensure unique nft family values #65295$$$$$$pkg.installed state aggregate does not honors requires requisite #65304$$$$$$Added SSH wrapper for logmod #65630$$$$$$Fix for GitFS failure to unlock lock file; and resource cleanup for process SIGTERM #65816$$$$$$Corrected x509_v2 CRL creation last_update and next_update values when system timezone is not UTC #65837$$$$$$Make sure the root minion process handles SIGUSR1 and emits a traceback like its child processes #66095$$$$$$Replaced pyvenv with builtin venv for virtualenv_mod #66132$$$$$$Made file.managed skip download of a remote source if the managed file already exists with the correct hash #66342$$$$$$Fix win_task ExecutionTimeLimit and result/error code interpretation #66347; #66441$$$$$$Fixed nftables.build_rule breaks ipv6 rules by using the wrong syntax for source and destination addresses #66382$$$$$$Fixed x509_v2 certificate.managed crash for locally signed certificates if the signing policy defines signing_private_key #66414$$$$$$Fixed parallel state execution with Salt-SSH #66514$$$$$$Fix support for FIPS approved encryption and signing algorithms. #66579$$$$$$Fix relative file_roots paths #66588$$$$$$Fixed an issue with cmd.run with requirements when the shell is not the default #66596$$$$$$Fix RPM package provides #66604$$$$$$Upgrade relAenv to 0.16.1. This release fixes several package installs for salt-pip #66632$$$$$$Upgrade relenv to 0.17.0 (https://github.com/saltstack/relenv/blob/v0.17.0/CHANGELOG.md) #66663$$$$$$Upgrade dependencies due to security issues:$$$$$$pymysql>=1.1.1$$$$$$requests>=2.32.0$$$$$$docker>=7.1.0 #66666$$$$$$Corrected missed line in branch 3006.x when backporting from PR 61620 and 65044 #66683$$$$$$Remove debug output from shell scripts for packaging #66747$$$$$$Added$$$Add Ubuntu 24.04 support #66180$$$$$$Add Fedora 40 support; replacing Fedora 39 #66300$$$$$$Build RPM packages with Rocky Linux 9 (instead of CentOS Stream 9) #66624$$$$$$Security$$$Bump to jinja2==3.1.4 due to https://github.com/advisories/GHSA-h75v-3vvj-5mfj #66488$$$$$$CVE-2024-37088 salt-call will fail with exit code 1 if bad pillar data is encountered. #66702
Salt Minion STS EXE x86 Version 3007.6
Salt 3007.6 release notes$$$Changelog$$$Fixed$$$Onedir packages include relenv 0.19.4.$$$$$$Update sqlite to 3500200$$$$$$Update libffi to 3.5.1$$$$$$Update python 3.13 to 3.13.5$$$$$$Load default openssl modules when no system openssl binary exists #68014$$$$$$pkgrepo.managed not applying changes / account for name attr being part of the state #68107$$$$$$Fix test mode causing unintended execution when non-boolean values are passed. #68121
Salt Minion STS EXE x86 Version 3007.6
Salt 3007.6 release notes$$$Changelog$$$Fixed$$$Onedir packages include relenv 0.19.4.$$$$$$Update sqlite to 3500200$$$$$$Update libffi to 3.5.1$$$$$$Update python 3.13 to 3.13.5$$$$$$Load default openssl modules when no system openssl binary exists #68014$$$$$$pkgrepo.managed not applying changes / account for name attr being part of the state #68107$$$$$$Fix test mode causing unintended execution when non-boolean values are passed. #68121
Salt Minion STS EXE x86 Version 3007.5
(release-3007.5)=$$$$$$Salt 3007.5 release notes$$$Changelog$$$Fixed$$$Zeromq RequestServer continues to serve requests after encountering an un-handled exception #66519$$$$$$Added support for icmpv6-type to salt.modules.nftables #67882
Salt Minion STS EXE x86 Version 3007.5
(release-3007.5)=$$$$$$Salt 3007.5 release notes$$$Changelog$$$Fixed$$$Zeromq RequestServer continues to serve requests after encountering an un-handled exception #66519$$$$$$Added support for icmpv6-type to salt.modules.nftables #67882
Salt Minion STS EXE x86 Version 3007.4
Salt 3007.4 release notes$$$Changelog$$$Fixed$$$CVE-2024-38822 Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion can impersonate another minion.$$$$$$CVSS 2.7 V:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38823 Salts request server is vulnerable to replay attacks when not using a TLS encrypted transport.$$$$$$CVSS Score 2.7 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38824 Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory.$$$$$$CVSS Score 9.6 AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N$$$$$$CVE-2024-38825 The salt.auth.pki module does not properly authenticate callers. The password field contains a public certificate which is validated against a CA certificate by the module. This is not pki authentication; as the caller does not need access to the corresponding private key for the authentication attempt to be accepted.
Salt Minion STS EXE x86 Version 3007.4
Salt 3007.4 release notes$$$Changelog$$$Fixed$$$CVE-2024-38822 Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion can impersonate another minion.$$$$$$CVSS 2.7 V:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38823 Salts request server is vulnerable to replay attacks when not using a TLS encrypted transport.$$$$$$CVSS Score 2.7 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38824 Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory.$$$$$$CVSS Score 9.6 AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N$$$$$$CVE-2024-38825 The salt.auth.pki module does not properly authenticate callers. The password field contains a public certificate which is validated against a CA certificate by the module. This is not pki authentication; as the caller does not need access to the corresponding private key for the authentication attempt to be accepted.
Salt Minion STS EXE x86 Version 3007.4
Salt 3007.4 release notes$$$Changelog$$$Fixed$$$CVE-2024-38822 Multiple methods in the salt master skip minion token validation. Therefore a misbehaving minion can impersonate another minion.$$$$$$CVSS 2.7 V:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38823 Salts request server is vulnerable to replay attacks when not using a TLS encrypted transport.$$$$$$CVSS Score 2.7 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N$$$$$$CVE-2024-38824 Directory traversal vulnerability in recv_file method allows arbitrary files to be written to the master cache directory.$$$$$$CVSS Score 9.6 AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N$$$$$$CVE-2024-38825 The salt.auth.pki module does not properly authenticate callers. The password field contains a public certificate which is validated against a CA certificate by the module. This is not pki authentication; as the caller does not need access to the corresponding private key for the authentication attempt to be accepted.
Salt Minion STS MSI x86 Version 30.07.1
SALT 3007.1 RELEASE NOTES$$$CHANGELOG$$$REMOVED$$$The salt.utils.psutil_compat was deprecated and now removed in Salt 3008. Please use the psutil module directly. #66160$$$$$$FIXED$$$Fixes multiple issues with the cmd module on Windows. Scripts are called using the -File parameter to the powershell binary. CLIXML data in stderr is now removed (only applies to encoded commands). Commands can now be sent to cmd.powershell as a list. Makes sure JSON data returned is valid. Strips whitespace from the return when using runas. #61166$$$$$$Fixed the win_lgpo_netsh salt util to handle non-English systems. This was a rewrite to use PowerShell instead of netsh to make the changes on the system #61534$$$$$$Fix typo in nftables module to ensure unique nft family values #65295$$$$$$Corrected x509_v2 CRL creation last_update and next_update values when system timezone is not UTC #65837$$$$$$Fix for NoneType cant be used in await expression error. #66177$$$$$$Log Publish server binding pub to messages to debug instead of error level. #66179$$$$$$Fix syndic startup by making payload handler a coroutine #66237$$$$$$Fixed aptpkg.remove unable to locate package error for non-existent package #66260$$$$$$Fixed pillar.ls doesnt accept kwargs #66262$$$$$$Fix cache directory setting in Master Cluster tutorial #66264$$$$$$Change log level of successful master cluster key exchange from error to info. #66266$$$$$$Made file.managed skip download of a remote source if the managed file already exists with the correct hash #66342$$$$$$Fixed nftables.build_rule breaks ipv6 rules by using the wrong syntax for source and destination addresses #66382$$$$$$ADDED$$$Added the ability to pass a version of chocolatey to install to the chocolatey.bootstrap function. Also added states to bootstrap and unbootstrap chocolatey. #64722$$$$$$Add Ubuntu 24.04 support #66180$$$$$$Add Fedora 40 support; replacing Fedora 39 #66300$$$$$$SECURITY$$$Bump to pydantic==2.6.4 due to https://github.com/advisories/GHSA-mr82-8j83-vxmv #66433$$$$$$Bump to jinja2==3.1.4 due to https://github.com/advisories/GHSA-h75v-3vvj-5mfj #66488
Salt Minion STS MSI x64 Version 30.07.1
SALT 3007.1 RELEASE NOTES$$$CHANGELOG$$$REMOVED$$$The salt.utils.psutil_compat was deprecated and now removed in Salt 3008. Please use the psutil module directly. #66160$$$$$$FIXED$$$Fixes multiple issues with the cmd module on Windows. Scripts are called using the -File parameter to the powershell binary. CLIXML data in stderr is now removed (only applies to encoded commands). Commands can now be sent to cmd.powershell as a list. Makes sure JSON data returned is valid. Strips whitespace from the return when using runas. #61166$$$$$$Fixed the win_lgpo_netsh salt util to handle non-English systems. This was a rewrite to use PowerShell instead of netsh to make the changes on the system #61534$$$$$$Fix typo in nftables module to ensure unique nft family values #65295$$$$$$Corrected x509_v2 CRL creation last_update and next_update values when system timezone is not UTC #65837$$$$$$Fix for NoneType cant be used in await expression error. #66177$$$$$$Log Publish server binding pub to messages to debug instead of error level. #66179$$$$$$Fix syndic startup by making payload handler a coroutine #66237$$$$$$Fixed aptpkg.remove unable to locate package error for non-existent package #66260$$$$$$Fixed pillar.ls doesnt accept kwargs #66262$$$$$$Fix cache directory setting in Master Cluster tutorial #66264$$$$$$Change log level of successful master cluster key exchange from error to info. #66266$$$$$$Made file.managed skip download of a remote source if the managed file already exists with the correct hash #66342$$$$$$Fixed nftables.build_rule breaks ipv6 rules by using the wrong syntax for source and destination addresses #66382$$$$$$ADDED$$$Added the ability to pass a version of chocolatey to install to the chocolatey.bootstrap function. Also added states to bootstrap and unbootstrap chocolatey. #64722$$$$$$Add Ubuntu 24.04 support #66180$$$$$$Add Fedora 40 support; replacing Fedora 39 #66300$$$$$$SECURITY$$$Bump to pydantic==2.6.4 due to https://github.com/advisories/GHSA-mr82-8j83-vxmv #66433$$$$$$Bump to jinja2==3.1.4 due to https://github.com/advisories/GHSA-h75v-3vvj-5mfj #66488
Salt Minion STS EXE x86 Version 3007.1
SALT 3007.1 RELEASE NOTES$$$CHANGELOG$$$REMOVED$$$The salt.utils.psutil_compat was deprecated and now removed in Salt 3008. Please use the psutil module directly. #66160$$$$$$FIXED$$$Fixes multiple issues with the cmd module on Windows. Scripts are called using the -File parameter to the powershell binary. CLIXML data in stderr is now removed (only applies to encoded commands). Commands can now be sent to cmd.powershell as a list. Makes sure JSON data returned is valid. Strips whitespace from the return when using runas. #61166$$$$$$Fixed the win_lgpo_netsh salt util to handle non-English systems. This was a rewrite to use PowerShell instead of netsh to make the changes on the system #61534$$$$$$Fix typo in nftables module to ensure unique nft family values #65295$$$$$$Corrected x509_v2 CRL creation last_update and next_update values when system timezone is not UTC #65837$$$$$$Fix for NoneType cant be used in await expression error. #66177$$$$$$Log Publish server binding pub to messages to debug instead of error level. #66179$$$$$$Fix syndic startup by making payload handler a coroutine #66237$$$$$$Fixed aptpkg.remove unable to locate package error for non-existent package #66260$$$$$$Fixed pillar.ls doesnt accept kwargs #66262$$$$$$Fix cache directory setting in Master Cluster tutorial #66264$$$$$$Change log level of successful master cluster key exchange from error to info. #66266$$$$$$Made file.managed skip download of a remote source if the managed file already exists with the correct hash #66342$$$$$$Fixed nftables.build_rule breaks ipv6 rules by using the wrong syntax for source and destination addresses #66382$$$$$$ADDED$$$Added the ability to pass a version of chocolatey to install to the chocolatey.bootstrap function. Also added states to bootstrap and unbootstrap chocolatey. #64722$$$$$$Add Ubuntu 24.04 support #66180$$$$$$Add Fedora 40 support; replacing Fedora 39 #66300$$$$$$SECURITY$$$Bump to pydantic==2.6.4 due to https://github.com/advisories/GHSA-mr82-8j83-vxmv #66433$$$$$$Bump to jinja2==3.1.4 due to https://github.com/advisories/GHSA-h75v-3vvj-5mfj #66488
Salt Minion STS EXE x64 Version 3007.1
SALT 3007.1 RELEASE NOTES$$$CHANGELOG$$$REMOVED$$$The salt.utils.psutil_compat was deprecated and now removed in Salt 3008. Please use the psutil module directly. #66160$$$$$$FIXED$$$Fixes multiple issues with the cmd module on Windows. Scripts are called using the -File parameter to the powershell binary. CLIXML data in stderr is now removed (only applies to encoded commands). Commands can now be sent to cmd.powershell as a list. Makes sure JSON data returned is valid. Strips whitespace from the return when using runas. #61166$$$$$$Fixed the win_lgpo_netsh salt util to handle non-English systems. This was a rewrite to use PowerShell instead of netsh to make the changes on the system #61534$$$$$$Fix typo in nftables module to ensure unique nft family values #65295$$$$$$Corrected x509_v2 CRL creation last_update and next_update values when system timezone is not UTC #65837$$$$$$Fix for NoneType cant be used in await expression error. #66177$$$$$$Log Publish server binding pub to messages to debug instead of error level. #66179$$$$$$Fix syndic startup by making payload handler a coroutine #66237$$$$$$Fixed aptpkg.remove unable to locate package error for non-existent package #66260$$$$$$Fixed pillar.ls doesnt accept kwargs #66262$$$$$$Fix cache directory setting in Master Cluster tutorial #66264$$$$$$Change log level of successful master cluster key exchange from error to info. #66266$$$$$$Made file.managed skip download of a remote source if the managed file already exists with the correct hash #66342$$$$$$Fixed nftables.build_rule breaks ipv6 rules by using the wrong syntax for source and destination addresses #66382$$$$$$ADDED$$$Added the ability to pass a version of chocolatey to install to the chocolatey.bootstrap function. Also added states to bootstrap and unbootstrap chocolatey. #64722$$$$$$Add Ubuntu 24.04 support #66180$$$$$$Add Fedora 40 support; replacing Fedora 39 #66300$$$$$$SECURITY$$$Bump to pydantic==2.6.4 due to https://github.com/advisories/GHSA-mr82-8j83-vxmv #66433$$$$$$Bump to jinja2==3.1.4 due to https://github.com/advisories/GHSA-h75v-3vvj-5mfj #66488
Salt Minion STS MSI x64 Version 30.07.0
***Refer this page for full details*** $$$https://docs.saltproject.io/en/latest/topics/releases/3007.0.html $$$$$$CHANGELOG$$$REMOVED$$$Removed RHEL 5 support since long since end-of-lifed #62520$$$$$$Removing Azure-Cloud modules from the code base. #64322$$$$$$Dropped Python 3.7 support since its EOL in 27 Jun 2023 #64417$$$$$$Remove salt.payload.Serial #64459$$$$$$Remove netmiko_conn and pyeapi_conn from salt.modules.napalm_mod #64460$$$$$$Removed transport arg from salt.utils.event.get_event #64461$$$$$$Removed the usage of retired Linode API v3 from Salt Cloud #64517$$$$$$DEPRECATED$$$Deprecate all Proxmox cloud modules #64224$$$$$$Deprecate all the Vault modules in favor of the Vault Salt Extension https://github.com/salt-extensions/saltext-vault. The Vault modules will be removed in Salt core in 3009.0. #64893$$$$$$Deprecate all the Docker modules in favor of the Docker Salt Extension https://github.com/saltstack/saltext-docker. The Docker modules will be removed in Salt core in 3009.0. #64894$$$$$$Deprecate all the Zabbix modules in favor of the Zabbix Salt Extension https://github.com/salt-extensions/saltext-zabbix. The Zabbix modules will be removed in Salt core in 3009.0. #64896$$$$$$Deprecate all the Apache modules in favor of the Apache Salt Extension https://github.com/salt-extensions/saltext-apache. The Apache modules will be removed in Salt core in 3009.0. #64909$$$$$$Deprecation warning for Salts backport of OrderedDict class which will be removed in 3009 #65542$$$$$$Deprecate Kubernetes modules for move to saltext-kubernetes in version 3009 #65565$$$$$$Deprecated all Pushover modules in favor of the Salt Extension at https://github.com/salt-extensions/saltext-pushover. The Pushover modules will be removed from Salt core in 3009.0 #65567$$$$$$Removed deprecated code:$$$$$$All of salt/log/ which has been on a deprecation path for a long time.$$$$$$Some of the logging handlers found in salt/_logging/handlers have been removed since the standard library provides them.$$$$$$Removed the deprecated salt/modules/cassandra_mod.py module and any tests for it.$$$$$$Removed the deprecated salt/returners/cassandra_return.py module and any tests for it.$$$$$$Removed the deprecated salt/returners/django_return.py module and any tests for it. #65986$$$$$$CHANGED$$$Masquerade property will not default to false turning off masquerade if not specified. #53120$$$$$$Addressed Python 3.11 deprecations:$$$$$$Switch to FullArgSpec since Py 3.11 no longer has ArgSpec; deprecated since Py 3.0$$$$$$Stopped using the deprecated cgi module.$$$$$$Stopped using the deprecated pipes module$$$$$$Stopped using the deprecated imp module #64457$$$$$$changed gpg_decrypt_must_succeed default from False to True #64462
Salt Minion STS MSI x86 Version 30.07.0
***Refer this page for full details*** $$$https://docs.saltproject.io/en/latest/topics/releases/3007.0.html $$$$$$CHANGELOG$$$REMOVED$$$Removed RHEL 5 support since long since end-of-lifed #62520$$$$$$Removing Azure-Cloud modules from the code base. #64322$$$$$$Dropped Python 3.7 support since its EOL in 27 Jun 2023 #64417$$$$$$Remove salt.payload.Serial #64459$$$$$$Remove netmiko_conn and pyeapi_conn from salt.modules.napalm_mod #64460$$$$$$Removed transport arg from salt.utils.event.get_event #64461$$$$$$Removed the usage of retired Linode API v3 from Salt Cloud #64517$$$$$$DEPRECATED$$$Deprecate all Proxmox cloud modules #64224$$$$$$Deprecate all the Vault modules in favor of the Vault Salt Extension https://github.com/salt-extensions/saltext-vault. The Vault modules will be removed in Salt core in 3009.0. #64893$$$$$$Deprecate all the Docker modules in favor of the Docker Salt Extension https://github.com/saltstack/saltext-docker. The Docker modules will be removed in Salt core in 3009.0. #64894$$$$$$Deprecate all the Zabbix modules in favor of the Zabbix Salt Extension https://github.com/salt-extensions/saltext-zabbix. The Zabbix modules will be removed in Salt core in 3009.0. #64896$$$$$$Deprecate all the Apache modules in favor of the Apache Salt Extension https://github.com/salt-extensions/saltext-apache. The Apache modules will be removed in Salt core in 3009.0. #64909$$$$$$Deprecation warning for Salts backport of OrderedDict class which will be removed in 3009 #65542$$$$$$Deprecate Kubernetes modules for move to saltext-kubernetes in version 3009 #65565$$$$$$Deprecated all Pushover modules in favor of the Salt Extension at https://github.com/salt-extensions/saltext-pushover. The Pushover modules will be removed from Salt core in 3009.0 #65567$$$$$$Removed deprecated code:$$$$$$All of salt/log/ which has been on a deprecation path for a long time.$$$$$$Some of the logging handlers found in salt/_logging/handlers have been removed since the standard library provides them.$$$$$$Removed the deprecated salt/modules/cassandra_mod.py module and any tests for it.$$$$$$Removed the deprecated salt/returners/cassandra_return.py module and any tests for it.$$$$$$Removed the deprecated salt/returners/django_return.py module and any tests for it. #65986$$$$$$CHANGED$$$Masquerade property will not default to false turning off masquerade if not specified. #53120$$$$$$Addressed Python 3.11 deprecations:$$$$$$Switch to FullArgSpec since Py 3.11 no longer has ArgSpec; deprecated since Py 3.0$$$$$$Stopped using the deprecated cgi module.$$$$$$Stopped using the deprecated pipes module$$$$$$Stopped using the deprecated imp module #64457$$$$$$changed gpg_decrypt_must_succeed default from False to True #64462
Salt Minion STS EXE x86 Version 3007.0
***Refer this page for full details*** $$$https://docs.saltproject.io/en/latest/topics/releases/3007.0.html $$$$$$CHANGELOG$$$REMOVED$$$Removed RHEL 5 support since long since end-of-lifed #62520$$$$$$Removing Azure-Cloud modules from the code base. #64322$$$$$$Dropped Python 3.7 support since its EOL in 27 Jun 2023 #64417$$$$$$Remove salt.payload.Serial #64459$$$$$$Remove netmiko_conn and pyeapi_conn from salt.modules.napalm_mod #64460$$$$$$Removed transport arg from salt.utils.event.get_event #64461$$$$$$Removed the usage of retired Linode API v3 from Salt Cloud #64517$$$$$$DEPRECATED$$$Deprecate all Proxmox cloud modules #64224$$$$$$Deprecate all the Vault modules in favor of the Vault Salt Extension https://github.com/salt-extensions/saltext-vault. The Vault modules will be removed in Salt core in 3009.0. #64893$$$$$$Deprecate all the Docker modules in favor of the Docker Salt Extension https://github.com/saltstack/saltext-docker. The Docker modules will be removed in Salt core in 3009.0. #64894$$$$$$Deprecate all the Zabbix modules in favor of the Zabbix Salt Extension https://github.com/salt-extensions/saltext-zabbix. The Zabbix modules will be removed in Salt core in 3009.0. #64896$$$$$$Deprecate all the Apache modules in favor of the Apache Salt Extension https://github.com/salt-extensions/saltext-apache. The Apache modules will be removed in Salt core in 3009.0. #64909$$$$$$Deprecation warning for Salts backport of OrderedDict class which will be removed in 3009 #65542$$$$$$Deprecate Kubernetes modules for move to saltext-kubernetes in version 3009 #65565$$$$$$Deprecated all Pushover modules in favor of the Salt Extension at https://github.com/salt-extensions/saltext-pushover. The Pushover modules will be removed from Salt core in 3009.0 #65567$$$$$$Removed deprecated code:$$$$$$All of salt/log/ which has been on a deprecation path for a long time.$$$$$$Some of the logging handlers found in salt/_logging/handlers have been removed since the standard library provides them.$$$$$$Removed the deprecated salt/modules/cassandra_mod.py module and any tests for it.$$$$$$Removed the deprecated salt/returners/cassandra_return.py module and any tests for it.$$$$$$Removed the deprecated salt/returners/django_return.py module and any tests for it. #65986$$$$$$CHANGED$$$Masquerade property will not default to false turning off masquerade if not specified. #53120$$$$$$Addressed Python 3.11 deprecations:$$$$$$Switch to FullArgSpec since Py 3.11 no longer has ArgSpec; deprecated since Py 3.0$$$$$$Stopped using the deprecated cgi module.$$$$$$Stopped using the deprecated pipes module$$$$$$Stopped using the deprecated imp module #64457$$$$$$changed gpg_decrypt_must_succeed default from False to True #64462
Salt Minion STS EXE x64 Version 3007.0
***Refer this page for full details*** $$$https://docs.saltproject.io/en/latest/topics/releases/3007.0.html $$$$$$CHANGELOG$$$REMOVED$$$Removed RHEL 5 support since long since end-of-lifed #62520$$$$$$Removing Azure-Cloud modules from the code base. #64322$$$$$$Dropped Python 3.7 support since its EOL in 27 Jun 2023 #64417$$$$$$Remove salt.payload.Serial #64459$$$$$$Remove netmiko_conn and pyeapi_conn from salt.modules.napalm_mod #64460$$$$$$Removed transport arg from salt.utils.event.get_event #64461$$$$$$Removed the usage of retired Linode API v3 from Salt Cloud #64517$$$$$$DEPRECATED$$$Deprecate all Proxmox cloud modules #64224$$$$$$Deprecate all the Vault modules in favor of the Vault Salt Extension https://github.com/salt-extensions/saltext-vault. The Vault modules will be removed in Salt core in 3009.0. #64893$$$$$$Deprecate all the Docker modules in favor of the Docker Salt Extension https://github.com/saltstack/saltext-docker. The Docker modules will be removed in Salt core in 3009.0. #64894$$$$$$Deprecate all the Zabbix modules in favor of the Zabbix Salt Extension https://github.com/salt-extensions/saltext-zabbix. The Zabbix modules will be removed in Salt core in 3009.0. #64896$$$$$$Deprecate all the Apache modules in favor of the Apache Salt Extension https://github.com/salt-extensions/saltext-apache. The Apache modules will be removed in Salt core in 3009.0. #64909$$$$$$Deprecation warning for Salts backport of OrderedDict class which will be removed in 3009 #65542$$$$$$Deprecate Kubernetes modules for move to saltext-kubernetes in version 3009 #65565$$$$$$Deprecated all Pushover modules in favor of the Salt Extension at https://github.com/salt-extensions/saltext-pushover. The Pushover modules will be removed from Salt core in 3009.0 #65567$$$$$$Removed deprecated code:$$$$$$All of salt/log/ which has been on a deprecation path for a long time.$$$$$$Some of the logging handlers found in salt/_logging/handlers have been removed since the standard library provides them.$$$$$$Removed the deprecated salt/modules/cassandra_mod.py module and any tests for it.$$$$$$Removed the deprecated salt/returners/cassandra_return.py module and any tests for it.$$$$$$Removed the deprecated salt/returners/django_return.py module and any tests for it. #65986$$$$$$CHANGED$$$Masquerade property will not default to false turning off masquerade if not specified. #53120$$$$$$Addressed Python 3.11 deprecations:$$$$$$Switch to FullArgSpec since Py 3.11 no longer has ArgSpec; deprecated since Py 3.0$$$$$$Stopped using the deprecated cgi module.$$$$$$Stopped using the deprecated pipes module$$$$$$Stopped using the deprecated imp module #64457$$$$$$changed gpg_decrypt_must_succeed default from False to True #64462
Salt Minion EXE x86 Version 3006.5
SALT 3006.5 RELEASE NOTES$$$CHANGELOG$$$REMOVED$$$Tech Debt - support for pysss removed due to functionality addition in Python 3.3 #65029$$$$$$FIXED$$$Improved error message when state arguments are accidentally passed as a string #38098$$$$$$Allow pip.install to create a log file that is passed in if the parent directory is writeable #44722$$$$$$Fixed merging of complex pillar overrides with salt-ssh states #59802$$$$$$Fixed gpg pillar rendering with salt-ssh #60002$$$$$$Made salt-ssh states not re-render pillars unnecessarily #62230$$$$$$Made Salt maintain options in Debian package repo definitions #64130$$$$$$Migrated all invoke tasks to python-tools-scripts.$$$$$$tasks/docs.py -> tools/precommit/docs.py$$$$$$tasks/docstrings.py -> tools/precommit/docstrings.py$$$$$$tasks/loader.py -> tools/precommit/loader.py$$$$$$tasks/filemap.py -> tools/precommit/filemap.py #64374$$$$$$Fix salt user login shell path in Debian packages #64377$$$$$$Fill out lsb_distrib_xxxx (best estimate) grains if problems with retrieving lsb_release data #64473$$$$$$Fixed an issue in the file.directory state where the children_only keyword argument was not being respected. #64497$$$$$$Move salt.ufw to correct location /etc/ufw/applications.d/ #64572$$$$$$Fixed salt-ssh stacktrace when retcode is not an integer #64575$$$$$$Fixed SSH shell seldomly fails to report any exit code #64588$$$$$$Fixed some issues in x509_v2 execution module private key functions #64597$$$$$$Fixed grp.getgrall() in utils/user.py causing performance issues #64888$$$$$$Fix user.list_groups omits remote groups via sssd; etc. #64953$$$$$$Ensure sync from _grains occurs before attempting pillar compilation in case custom grain used in pillar file #65027$$$$$$Moved gitfs locks to salt working dir to avoid lock wipes #65086$$$$$$Only attempt to create a keys directory when --gen-keys is passed to the salt-key CLI #65093$$$$$$Fix nonce verification; request server replies do not stomp on eachother. #65114$$$$$$speed up yumpkg list_pkgs by not requiring digest or signature verification on lookup. #65152$$$$$$Fix pkg.latest failing on windows for winrepo packages where the package is already up to date #65165$$$$$$Ensure kwarg is preserved when checking for kwargs. This change affects proxy minions when used with Deltaproxy; which had kwargs popped when targeting multiple minions id. #65179$$$$$$Fixes traceback when state id is an int in a reactor SLS file. #65210$$$$$$Install logrotate config as /etc/logrotate.d/salt-common for Debian packages Remove broken /etc/logrotate.d/salt directory from 3006.3 if it exists. #65231$$$$$$Use sha256 as the default hash_type. It has been the default since Salt v2016.9 #65287$$$$$$Preserve ownership on log rotation #65288$$$$$$Ensure that the correct value of jid_inclue is passed if the argument is included in the passed keyword arguments. #65302$$$$$$Uprade relenv to 0.14.2$$$$$$Update openssl to address CVE-2023-5363.$$$$$$Fix bug in openssl setup when openssl binary cant be found.$$$$$$Add M1 mac support. #65316$$$$$$Fix regex for filespec adding/deleting fcontext policy in selinux #65340$$$$$$Ensure CLI options take priority over Saltfile options #65358$$$$$$Test mode for state function saltmod.wheel no longer sets result to (None;) #65372$$$$$$Client only process events which tag conforms to an event return. #65400$$$$$$Fixes an issue setting user or machine policy on Windows when the Group Policy directory is missing #65411$$$$$$Fix regression in file module which was not re-using a file client. #65450$$$$$$pip.installed state will now properly fail when a specified user does not exists #65458$$$$$$Publish channel connect callback method properly closes its request channel. #65464$$$$$$Ensured the pillar in SSH wrapper modules is the same as the one used in template rendering when overrides are passed #65483$$$$$$Fix file.comment ignore_missing not working with multiline char #65501$$$$$$Warn when an un-closed transport client is being garbage collected. #65554$$$$$$Only generate the HMACs for libssl.so.1.1 and libcrypto.so.1.1 if those
Salt Minion EXE x64 Version 3006.5
SALT 3006.5 RELEASE NOTES$$$CHANGELOG$$$REMOVED$$$Tech Debt - support for pysss removed due to functionality addition in Python 3.3 #65029$$$$$$FIXED$$$Improved error message when state arguments are accidentally passed as a string #38098$$$$$$Allow pip.install to create a log file that is passed in if the parent directory is writeable #44722$$$$$$Fixed merging of complex pillar overrides with salt-ssh states #59802$$$$$$Fixed gpg pillar rendering with salt-ssh #60002$$$$$$Made salt-ssh states not re-render pillars unnecessarily #62230$$$$$$Made Salt maintain options in Debian package repo definitions #64130$$$$$$Migrated all invoke tasks to python-tools-scripts.$$$$$$tasks/docs.py -> tools/precommit/docs.py$$$$$$tasks/docstrings.py -> tools/precommit/docstrings.py$$$$$$tasks/loader.py -> tools/precommit/loader.py$$$$$$tasks/filemap.py -> tools/precommit/filemap.py #64374$$$$$$Fix salt user login shell path in Debian packages #64377$$$$$$Fill out lsb_distrib_xxxx (best estimate) grains if problems with retrieving lsb_release data #64473$$$$$$Fixed an issue in the file.directory state where the children_only keyword argument was not being respected. #64497$$$$$$Move salt.ufw to correct location /etc/ufw/applications.d/ #64572$$$$$$Fixed salt-ssh stacktrace when retcode is not an integer #64575$$$$$$Fixed SSH shell seldomly fails to report any exit code #64588$$$$$$Fixed some issues in x509_v2 execution module private key functions #64597$$$$$$Fixed grp.getgrall() in utils/user.py causing performance issues #64888$$$$$$Fix user.list_groups omits remote groups via sssd; etc. #64953$$$$$$Ensure sync from _grains occurs before attempting pillar compilation in case custom grain used in pillar file #65027$$$$$$Moved gitfs locks to salt working dir to avoid lock wipes #65086$$$$$$Only attempt to create a keys directory when --gen-keys is passed to the salt-key CLI #65093$$$$$$Fix nonce verification; request server replies do not stomp on eachother. #65114$$$$$$speed up yumpkg list_pkgs by not requiring digest or signature verification on lookup. #65152$$$$$$Fix pkg.latest failing on windows for winrepo packages where the package is already up to date #65165$$$$$$Ensure kwarg is preserved when checking for kwargs. This change affects proxy minions when used with Deltaproxy; which had kwargs popped when targeting multiple minions id. #65179$$$$$$Fixes traceback when state id is an int in a reactor SLS file. #65210$$$$$$Install logrotate config as /etc/logrotate.d/salt-common for Debian packages Remove broken /etc/logrotate.d/salt directory from 3006.3 if it exists. #65231$$$$$$Use sha256 as the default hash_type. It has been the default since Salt v2016.9 #65287$$$$$$Preserve ownership on log rotation #65288$$$$$$Ensure that the correct value of jid_inclue is passed if the argument is included in the passed keyword arguments. #65302$$$$$$Uprade relenv to 0.14.2$$$$$$Update openssl to address CVE-2023-5363.$$$$$$Fix bug in openssl setup when openssl binary cant be found.$$$$$$Add M1 mac support. #65316$$$$$$Fix regex for filespec adding/deleting fcontext policy in selinux #65340$$$$$$Ensure CLI options take priority over Saltfile options #65358$$$$$$Test mode for state function saltmod.wheel no longer sets result to (None;) #65372$$$$$$Client only process events which tag conforms to an event return. #65400$$$$$$Fixes an issue setting user or machine policy on Windows when the Group Policy directory is missing #65411$$$$$$Fix regression in file module which was not re-using a file client. #65450$$$$$$pip.installed state will now properly fail when a specified user does not exists #65458$$$$$$Publish channel connect callback method properly closes its request channel. #65464$$$$$$Ensured the pillar in SSH wrapper modules is the same as the one used in template rendering when overrides are passed #65483$$$$$$Fix file.comment ignore_missing not working with multiline char #65501$$$$$$Warn when an un-closed transport client is being garbage collected. #65554$$$$$$Only generate the HMACs for libssl.so.1.1 and libcrypto.so.1.1 if those
Salt Minion MSI x86 Version 30.06.5
SALT 3006.5 RELEASE NOTES$$$CHANGELOG$$$REMOVED$$$Tech Debt - support for pysss removed due to functionality addition in Python 3.3 #65029$$$$$$FIXED$$$Improved error message when state arguments are accidentally passed as a string #38098$$$$$$Allow pip.install to create a log file that is passed in if the parent directory is writeable #44722$$$$$$Fixed merging of complex pillar overrides with salt-ssh states #59802$$$$$$Fixed gpg pillar rendering with salt-ssh #60002$$$$$$Made salt-ssh states not re-render pillars unnecessarily #62230$$$$$$Made Salt maintain options in Debian package repo definitions #64130$$$$$$Migrated all invoke tasks to python-tools-scripts.$$$$$$tasks/docs.py -> tools/precommit/docs.py$$$$$$tasks/docstrings.py -> tools/precommit/docstrings.py$$$$$$tasks/loader.py -> tools/precommit/loader.py$$$$$$tasks/filemap.py -> tools/precommit/filemap.py #64374$$$$$$Fix salt user login shell path in Debian packages #64377$$$$$$Fill out lsb_distrib_xxxx (best estimate) grains if problems with retrieving lsb_release data #64473$$$$$$Fixed an issue in the file.directory state where the children_only keyword argument was not being respected. #64497$$$$$$Move salt.ufw to correct location /etc/ufw/applications.d/ #64572$$$$$$Fixed salt-ssh stacktrace when retcode is not an integer #64575$$$$$$Fixed SSH shell seldomly fails to report any exit code #64588$$$$$$Fixed some issues in x509_v2 execution module private key functions #64597$$$$$$Fixed grp.getgrall() in utils/user.py causing performance issues #64888$$$$$$Fix user.list_groups omits remote groups via sssd; etc. #64953$$$$$$Ensure sync from _grains occurs before attempting pillar compilation in case custom grain used in pillar file #65027$$$$$$Moved gitfs locks to salt working dir to avoid lock wipes #65086$$$$$$Only attempt to create a keys directory when --gen-keys is passed to the salt-key CLI #65093$$$$$$Fix nonce verification; request server replies do not stomp on eachother. #65114$$$$$$speed up yumpkg list_pkgs by not requiring digest or signature verification on lookup. #65152$$$$$$Fix pkg.latest failing on windows for winrepo packages where the package is already up to date #65165$$$$$$Ensure kwarg is preserved when checking for kwargs. This change affects proxy minions when used with Deltaproxy; which had kwargs popped when targeting multiple minions id. #65179$$$$$$Fixes traceback when state id is an int in a reactor SLS file. #65210$$$$$$Install logrotate config as /etc/logrotate.d/salt-common for Debian packages Remove broken /etc/logrotate.d/salt directory from 3006.3 if it exists. #65231$$$$$$Use sha256 as the default hash_type. It has been the default since Salt v2016.9 #65287$$$$$$Preserve ownership on log rotation #65288$$$$$$Ensure that the correct value of jid_inclue is passed if the argument is included in the passed keyword arguments. #65302$$$$$$Uprade relenv to 0.14.2$$$$$$Update openssl to address CVE-2023-5363.$$$$$$Fix bug in openssl setup when openssl binary cant be found.$$$$$$Add M1 mac support. #65316$$$$$$Fix regex for filespec adding/deleting fcontext policy in selinux #65340$$$$$$Ensure CLI options take priority over Saltfile options #65358$$$$$$Test mode for state function saltmod.wheel no longer sets result to (None;) #65372$$$$$$Client only process events which tag conforms to an event return. #65400$$$$$$Fixes an issue setting user or machine policy on Windows when the Group Policy directory is missing #65411$$$$$$Fix regression in file module which was not re-using a file client. #65450$$$$$$pip.installed state will now properly fail when a specified user does not exists #65458$$$$$$Publish channel connect callback method properly closes its request channel. #65464$$$$$$Ensured the pillar in SSH wrapper modules is the same as the one used in template rendering when overrides are passed #65483$$$$$$Fix file.comment ignore_missing not working with multiline char #65501$$$$$$Warn when an un-closed transport client is being garbage collected. #65554$$$$$$Only generate the HMACs for libssl.so.1.1 and libcrypto.so.1.1 if those
Salt Minion MSI x64 Version 30.06.5
SALT 3006.5 RELEASE NOTES$$$CHANGELOG$$$REMOVED$$$Tech Debt - support for pysss removed due to functionality addition in Python 3.3 #65029$$$$$$FIXED$$$Improved error message when state arguments are accidentally passed as a string #38098$$$$$$Allow pip.install to create a log file that is passed in if the parent directory is writeable #44722$$$$$$Fixed merging of complex pillar overrides with salt-ssh states #59802$$$$$$Fixed gpg pillar rendering with salt-ssh #60002$$$$$$Made salt-ssh states not re-render pillars unnecessarily #62230$$$$$$Made Salt maintain options in Debian package repo definitions #64130$$$$$$Migrated all invoke tasks to python-tools-scripts.$$$$$$tasks/docs.py -> tools/precommit/docs.py$$$$$$tasks/docstrings.py -> tools/precommit/docstrings.py$$$$$$tasks/loader.py -> tools/precommit/loader.py$$$$$$tasks/filemap.py -> tools/precommit/filemap.py #64374$$$$$$Fix salt user login shell path in Debian packages #64377$$$$$$Fill out lsb_distrib_xxxx (best estimate) grains if problems with retrieving lsb_release data #64473$$$$$$Fixed an issue in the file.directory state where the children_only keyword argument was not being respected. #64497$$$$$$Move salt.ufw to correct location /etc/ufw/applications.d/ #64572$$$$$$Fixed salt-ssh stacktrace when retcode is not an integer #64575$$$$$$Fixed SSH shell seldomly fails to report any exit code #64588$$$$$$Fixed some issues in x509_v2 execution module private key functions #64597$$$$$$Fixed grp.getgrall() in utils/user.py causing performance issues #64888$$$$$$Fix user.list_groups omits remote groups via sssd; etc. #64953$$$$$$Ensure sync from _grains occurs before attempting pillar compilation in case custom grain used in pillar file #65027$$$$$$Moved gitfs locks to salt working dir to avoid lock wipes #65086$$$$$$Only attempt to create a keys directory when --gen-keys is passed to the salt-key CLI #65093$$$$$$Fix nonce verification; request server replies do not stomp on eachother. #65114$$$$$$speed up yumpkg list_pkgs by not requiring digest or signature verification on lookup. #65152$$$$$$Fix pkg.latest failing on windows for winrepo packages where the package is already up to date #65165$$$$$$Ensure kwarg is preserved when checking for kwargs. This change affects proxy minions when used with Deltaproxy; which had kwargs popped when targeting multiple minions id. #65179$$$$$$Fixes traceback when state id is an int in a reactor SLS file. #65210$$$$$$Install logrotate config as /etc/logrotate.d/salt-common for Debian packages Remove broken /etc/logrotate.d/salt directory from 3006.3 if it exists. #65231$$$$$$Use sha256 as the default hash_type. It has been the default since Salt v2016.9 #65287$$$$$$Preserve ownership on log rotation #65288$$$$$$Ensure that the correct value of jid_inclue is passed if the argument is included in the passed keyword arguments. #65302$$$$$$Uprade relenv to 0.14.2$$$$$$Update openssl to address CVE-2023-5363.$$$$$$Fix bug in openssl setup when openssl binary cant be found.$$$$$$Add M1 mac support. #65316$$$$$$Fix regex for filespec adding/deleting fcontext policy in selinux #65340$$$$$$Ensure CLI options take priority over Saltfile options #65358$$$$$$Test mode for state function saltmod.wheel no longer sets result to (None;) #65372$$$$$$Client only process events which tag conforms to an event return. #65400$$$$$$Fixes an issue setting user or machine policy on Windows when the Group Policy directory is missing #65411$$$$$$Fix regression in file module which was not re-using a file client. #65450$$$$$$pip.installed state will now properly fail when a specified user does not exists #65458$$$$$$Publish channel connect callback method properly closes its request channel. #65464$$$$$$Ensured the pillar in SSH wrapper modules is the same as the one used in template rendering when overrides are passed #65483$$$$$$Fix file.comment ignore_missing not working with multiline char #65501$$$$$$Warn when an un-closed transport client is being garbage collected. #65554$$$$$$Only generate the HMACs for libssl.so.1.1 and libcrypto.so.1.1 if those
Salt Minion EXE x64 Version 3006.4
SALT 3006.4 RELEASE NOTES$$$CHANGELOG$$$SECURITY$$$Fix CVE-2023-34049 by ensuring we do not use a predictable name for the script and correctly check returncode of scp command. This only impacts salt-ssh users using the pre-flight option. #cve-2023-34049$$$$$$Update to gitpython>=3.1.35 due to https://github.com/advisories/GHSA-wfm5-v35h-vwf4 and https://github.com/advisories/GHSA-cwvm-v4w8-q58c #65163$$$$$$Bump to cryptography==41.0.4 due to https://github.com/advisories/GHSA-v8gr-m533-ghj9 #65268$$$$$$Upgrade relenv to 0.13.12 to address CVE-2023-4807 #65316$$$$$$Bump to urllib3==1.26.17 or urllib3==2.0.6 due to https://github.com/advisories/GHSA-v845-jxx5-vc9f #65334$$$$$$Bump to gitpython==3.1.37 due to https://github.com/advisories/GHSA-cwvm-v4w8-q58c #65383$$$$$$
Salt Minion MSI x86 Version 30.06.4
SALT 3006.4 RELEASE NOTES$$$CHANGELOG$$$SECURITY$$$Fix CVE-2023-34049 by ensuring we do not use a predictable name for the script and correctly check returncode of scp command. This only impacts salt-ssh users using the pre-flight option. #cve-2023-34049$$$$$$Update to gitpython>=3.1.35 due to https://github.com/advisories/GHSA-wfm5-v35h-vwf4 and https://github.com/advisories/GHSA-cwvm-v4w8-q58c #65163$$$$$$Bump to cryptography==41.0.4 due to https://github.com/advisories/GHSA-v8gr-m533-ghj9 #65268$$$$$$Upgrade relenv to 0.13.12 to address CVE-2023-4807 #65316$$$$$$Bump to urllib3==1.26.17 or urllib3==2.0.6 due to https://github.com/advisories/GHSA-v845-jxx5-vc9f #65334$$$$$$Bump to gitpython==3.1.37 due to https://github.com/advisories/GHSA-cwvm-v4w8-q58c #65383$$$$$$
Salt Minion MSI x64 Version 30.06.4
SALT 3006.4 RELEASE NOTES$$$CHANGELOG$$$SECURITY$$$Fix CVE-2023-34049 by ensuring we do not use a predictable name for the script and correctly check returncode of scp command. This only impacts salt-ssh users using the pre-flight option. #cve-2023-34049$$$$$$Update to gitpython>=3.1.35 due to https://github.com/advisories/GHSA-wfm5-v35h-vwf4 and https://github.com/advisories/GHSA-cwvm-v4w8-q58c #65163$$$$$$Bump to cryptography==41.0.4 due to https://github.com/advisories/GHSA-v8gr-m533-ghj9 #65268$$$$$$Upgrade relenv to 0.13.12 to address CVE-2023-4807 #65316$$$$$$Bump to urllib3==1.26.17 or urllib3==2.0.6 due to https://github.com/advisories/GHSA-v845-jxx5-vc9f #65334$$$$$$Bump to gitpython==3.1.37 due to https://github.com/advisories/GHSA-cwvm-v4w8-q58c #65383$$$$$$
Salt Minion EXE x86 Version 3006.4
SALT 3006.4 RELEASE NOTES$$$CHANGELOG$$$SECURITY$$$Fix CVE-2023-34049 by ensuring we do not use a predictable name for the script and correctly check returncode of scp command. This only impacts salt-ssh users using the pre-flight option. #cve-2023-34049$$$$$$Update to gitpython>=3.1.35 due to https://github.com/advisories/GHSA-wfm5-v35h-vwf4 and https://github.com/advisories/GHSA-cwvm-v4w8-q58c #65163$$$$$$Bump to cryptography==41.0.4 due to https://github.com/advisories/GHSA-v8gr-m533-ghj9 #65268$$$$$$Upgrade relenv to 0.13.12 to address CVE-2023-4807 #65316$$$$$$Bump to urllib3==1.26.17 or urllib3==2.0.6 due to https://github.com/advisories/GHSA-v845-jxx5-vc9f #65334$$$$$$Bump to gitpython==3.1.37 due to https://github.com/advisories/GHSA-cwvm-v4w8-q58c #65383
Salt Minion EXE x64 Version 3006.3
SALT 3006.3 RELEASE NOTES$$$CHANGELOG$$$REMOVED$$$Fedora 36 support was removed because it reached EOL #64315$$$$$$Handle deprecation warnings:$$$$$$Switch to FullArgSpec since Py 3.11 no longer has ArgSpec; deprecated since Py 3.0$$$$$$Stop using the deprecated cgi module$$$$$$Stop using the deprecated pipes module$$$$$$Stop using the deprecated imp module #64553$$$$$$CHANGED$$$Replace libnacl with PyNaCl #64372$$$$$$Dont hardcode the python version on the Salt Package tests and on the pkg/debian/salt-cloud.postinst file #64553$$$$$$Some more deprecated code fixes:$$$$$$Stop using the deprecated locale.getdefaultlocale() function$$$$$$Stop accessing deprecated attributes$$$$$$pathlib.Path.__enter__() usage is deprecated and not required; a no-op #64565$$$$$$Bump to pyyaml==6.0.1 due to https://github.com/yaml/pyyaml/issues/601 and address lint issues #64657$$$$$$FIXED$$$Fix for assume role when used salt-cloud to create aws ec2. #52501$$$$$$fixes aptpkg module by checking for blank comps. #58667$$$$$$wheel.file_roots.find is now able to find files in subdirectories of the roots. #59800$$$$$$pkg.latest no longer fails when multiple versions are reported to be installed (e.g. updating the kernel) #60931$$$$$$Do not update the credentials dictionary in utils/aws.py while iterating over it; and use the correct delete functionality #61049$$$$$$fixed runner not having a proper exit code when runner modules throw an exception. #61173$$$$$$pip.list_all_versions now works with index_url and extra_index_url #61610$$$$$$speed up file.recurse by using prefix with cp.list_master_dir and remove an un-needed loop. #61998$$$$$$Preserve test=True condition while running sub states. #62590