Addresses multiple CVEs, details at: https://saltproject.io/security_announcements/active-saltstack-cve-release-2021-feb-25
Feel like it is also worth calling out this as well: https://github.com/saltstack/salt-enhancement-proposals/blob/master/accepted/0022-old-releases.md
They don't seem to be following it at the moment (as 3002.x are all still in the main repo) but could become an issue later since salt is pinned to certain releases.