Vault - 1.10.1
April 22, 2022
CHANGES:
- core: A request that fails path validation due to relative path check will now be responded to with a 400 rather than 500. [GH-14328]
- core: Bump Go version to 1.17.9. [GH-15044]
IMPROVEMENTS:
- agent: Upgrade hashicorp/consul-template version for sprig template functions and improved writeTo function [GH-15092]
- auth: enforce a rate limit for TOTP passcode validation attempts [GH-14864]
- cli/vault: warn when policy name contains upper-case letter [GH-14670]
- cockroachdb: add high-availability support [GH-12965]
- sentinel (enterprise): Upgrade sentinel to v0.18.5 to avoid potential naming collisions in the remote installer
BUG FIXES:
- Fixed panic when adding or modifying a Duo MFA Method in Enterprise
- agent: Fix log level mismatch between ERR and ERROR [GH-14424]
- api/sys/raft: Update RaftSnapshotRestore to use net/http client allowing bodies larger than allocated memory to be streamed [GH-14269]
- api: Respect increment value in grace period calculations in LifetimeWatcher [GH-14836]
- auth/approle: Add maximum length for input values that result in SHA56 HMAC calculation [GH-14746]
- auth: forward requests subject to login MFA from perfStandby to Active node [GH-15009]
- cassandra: Update gocql Cassandra client to fix "no hosts available in the pool" error [GH-14973]
- cli: Fix panic caused by parsing key=value fields whose value is a single backslash [GH-14523]
- core (enterprise): Allow local alias create RPCs to persist alias metadata [GH-changelog:_2747]
- core/managed-keys (enterprise): Allow PKCS#11 managed keys to use 0 as a slot number
- core/metrics: Fix incorrect table size metric for local mounts [GH-14755]
- core: Fix panic caused by parsing JSON integers for fields defined as comma-delimited integers [GH-15072]
- core: Fix panic caused by parsing JSON integers for fields defined as comma-delimited strings [GH-14522]
- core: Fix panic caused by parsing policies with empty slice values. [GH-14501]
- core: Fix panic for help request URL paths without /v1/ prefix [GH-14704]
- core: fixing excessive unix file permissions [GH-14791]
- core: fixing excessive unix file permissions on dir, files and archive created by vault debug command [GH-14846]
- core: report unused or redundant keys in server configuration [GH-14752]
- core: time.After() used in a select statement can lead to memory leak [GH-14814]
- raft: Ensure initialMmapSize is set to 0 on Windows [GH-14977]
- replication (enterprise): fix panic due to missing entity during invalidation of local aliases. [GH-14622]
- secrets/database: Ensure that a
connection_url
password is redacted in all cases. [GH-14744] - secrets/pki: Fix handling of "any" key type with default zero signature bits value. [GH-14875]
- secrets/pki: Fixed bug where larger SHA-2 hashes were truncated with shorter ECDSA CA certificates [GH-14943]
- ui: Fix Generated Token's Policies helpText to clarify that comma separated values are not excepted in this field. [GH-15046]
- ui: Fixes edit auth method capabilities issue [GH-14966]
- ui: Fixes issue logging in with OIDC from a listed auth mounts tab [GH-14916]
- ui: fix search-select component showing blank selections when editing group member entity [GH-15058]
- ui: masked values no longer give away length or location of special characters [GH-15025]
Details
date
April 22, 2022, midnight
name
1.10.1
type
Patch
👇
Register or login to:
- 🔍View and search all Vault releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!