.. _release-3003-5:

========================
Salt 3003.5 (2022-07-05)
========================

Version 3003.5 is a CVE security fix release for :ref:`3003 <release-3003>`.

Fixed
-----

- Update Markup and contextfunction imports for jinja versions >=3.1. (#61848)
- Fix bug in tcp transport (#61865)
- Make sure the correct key is being used when verifying or validating communication, eg. when a Salt syndic is involved use syndic_master.pub and when a Salt minion is involved use minion_master.pub. (#61868)


Security
--------

- Fixed PAM auth to reject auth attempt if user account is locked. (cve-2022-22967)
