Vault - 0.11.3

Security

Verified

(October 8th, 2018)

SECURITY:

Revocation: A regression in 0.11.2 (OSS) and 0.11.0 (Enterprise) caused
lease IDs containing periods (.) to not be revoked properly. Upon startup
when revocation is tried again these should now revoke successfully.

IMPROVEMENTS:

auth/ldap: Listing of users and groups return absolute paths [GH-5537]
secret/pki: OID SANs can now specify * to allow any value [GH-5459]

BUG FIXES:

auth/ldap: Fix panic if specific values were given to be escaped [GH-5471]
cli/auth: Fix panic if vault auth was given no parameters [GH-5473]
secret/database/mongodb: Fix panic that could occur at high load [GH-5463]
secret/pki: Fix CA generation not allowing OID SANs [GH-5459]

Security

Security wording was detected, but no CVEs were found.

Details

date

Oct. 8, 2018, midnight

name

0.11.3

type

Patch

official page

https://github.com/hashicorp/vault/blob/master/CHANGELOG.md/#0113

👇

Register or login to:

🔍View and search all Vault releases.
🛠️Create and share lists to track your tools.
🚨Setup notifications for major, security, feature or patch updates.
🚀Much more coming soon!

Continue with GitHub

Continue with Google

or

Username

Email

Password

Password (again)