.. _release-3000-7:

=========================
Salt 3000.7 Release Notes
=========================

Version 3000.7 is a CVE fix release for :ref:`3000 <release-3000>`.

Fixed
-----

- CVE-2020-28243 - Fix local privilege escalation in the restartcheck module.

- CVE-2020-28972 - Ensure authentication to vcenter, vsphere, and esxi server
  validates the SSL/TLS certificate by default. If you want to skip SSL verification
  you can use `verify_ssl: False`.

- CVE-2020-35662 - Ensure the asam runner, qingcloud, splunk returner, panos
  proxy, cimc proxy, zenoss module, esxi module, vsphere module, glassfish
  module, bigip module, and keystone module validate SSL by default. If you want
  to skip SSL verification you can use `verify_ssl: False`.

- CVE-2021-3148 - Fix a command injection in the Salt-API when using the
  Salt-SSH client.

- CVE-2021-3144 - Fix eauth tokens can be used once after expiration

- CVE-2021-25281 - Fix salt-api so it honors eauth credentials for the
  wheel_async client.

- CVE-2021-25282 - Fix the salt.wheel.pillar_roots.write method so it is not
  vulnerable to directory traversal.

- CVE-2021-25283 - Fix the jinja render to protect against server side template
  injection attacks.

- CVE-2021-25284 - Fix cmdmod so it will not log credentials to log levels info
  and error.

- CVE-2021-3197 - Fix ssh client to remove ProxyCommand from arguments provided
  by cli and netapi.
