Vault - 1.13.7
Security
September 13, 2023
SECURITY:
- secrets/transit: fix a regression that was honoring nonces provided in non-convergent modes during encryption. [GH-22852]
CHANGES:
- core: Bump Go version to 1.20.8.
- database/snowflake: Update plugin to v0.7.3 [GH-22591]
FEATURES:
- ** Merkle Tree Corruption Detection (enterprise) **: Add a new endpoint to check merkle tree corruption.
IMPROVEMENTS:
- auth/ldap: improved login speed by adding concurrency to LDAP token group searches [GH-22659]
- core/quotas: Add configuration to allow skipping of expensive role calculations [GH-22651]
- kmip (enterprise): reduce latency of KMIP operation handling
BUG FIXES:
- cli: Fix the CLI failing to return wrapping information for KV PUT and PATCH operations when format is set to
table
. [GH-22818] - core/quotas: Only perform ResolveRoleOperation for role-based quotas and lease creation. [GH-22597]
- core/quotas: Reduce overhead for role calculation when using cloud auth methods. [GH-22583]
- core/seal: add a workaround for potential connection [hangs] in Azure autoseals. [GH-22760]
- core: All subloggers now reflect configured log level on reload. [GH-22038]
- kmip (enterprise): fix date handling error with some re-key operations
- raft/autopilot: Add dr-token flag for raft autopilot cli commands [GH-21165]
- replication (enterprise): Fix discovery of bad primary cluster addresses to be more reliable
Security
Security wording was detected, but no CVEs were found.
Details
date
Sept. 13, 2023, midnight
name
1.13.7
type
Patch
👇
Register or login to:
- 🔍View and search all Vault releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!