Overview All releases

Version History

1.16.2 1.16.1 1.16.0 1.15.8 1.15.7 1.15.6 1.15.5 1.15.4 1.15.3 1.15.2 1.15.1 1.15.0 1.14.12

1.14.11

1.14.10 1.14.9 1.14.8 1.14.7 1.14.6 1.14.5 1.14.4 1.14.3 1.14.2 1.14.1 1.14.0 1.13.13 1.13.12 1.13.11 1.13.10 1.13.9 1.13.8 1.13.7 1.13.6 1.13.5 1.13.4 1.13.3 1.13.2 1.13.1 1.13.0 1.12.11 1.12.10 1.12.9 1.12.8 1.12.7 1.12.6 1.12.5 1.12.4 1.12.3 1.12.2 1.12.1 1.12.0 1.11.12 1.11.11 1.11.10 1.11.9 1.11.8 1.11.7 1.11.6 1.11.5 1.11.4 1.11.3 1.11.2 1.11.1 1.11.0 1.10.11 1.10.10 1.10.9 1.10.8 1.10.7 1.10.6 1.10.5 1.10.4 1.10.3 1.10.2 1.10.1 1.10.0 1.9.10 1.9.9 1.9.8 1.9.7 1.9.6 1.9.5 1.9.4 1.9.3

1.9.2

1.9.1

1.9.0

1.8.12 1.8.11 1.8.10 1.8.9 1.8.8

1.8.7

1.8.6

1.8.5

1.8.4

1.8.3

1.8.2

1.8.1

1.8.0

1.7.10 1.7.9

1.7.8

1.7.7

1.7.6

1.7.5

1.7.4

1.7.3

1.7.2

1.7.1

1.7.0

1.6.7

1.6.6

1.6.5

1.6.4

1.6.3

1.6.2

1.6.1

1.6.0

1.5.9

1.5.8

1.5.7

1.5.6

1.5.5

1.5.4

1.5.3

1.5.2

1.5.1

1.5.0

1.4.7

1.4.6

1.4.5

1.4.4

1.4.3

1.4.2

1.4.1

1.4.0

1.3.10

1.3.9

1.3.8

1.3.7

1.3.6

1.3.5

1.3.4

1.3.3

1.3.2

1.3.1

1.2.7

1.2.6

1.2.5

1.2.4

1.2.3

1.2.2

1.2.1

1.2.0

1.1.4

1.1.3

1.1.2

1.1.1

1.1.0

1.0.3

1.0.2

1.0.1

1.0.0

0.11.6

0.11.5

0.11.4

0.11.3

0.11.2

0.11.1

0.11.0

0.10.4

0.10.3

0.10.2

0.10.1

0.10.0

0.9.6

0.9.5

0.9.4

0.9.3

0.9.2

0.9.1

0.9.0

0.8.3

0.8.2

0.8.1

0.8.0

0.7.3

0.7.2

0.7.1

0.7.0

0.6.5

0.6.4

0.6.3

0.6.2

0.6.1

0.6.0

0.5.3

0.5.2

0.5.1

0.5.0

0.4.1

0.4.0

0.3.1

0.3.0

0.2.0

0.1.2

0.1.1

0.1.0

Vault - 1.14.11

Security

Enterprise

March 28, 2024

SECURITY:

auth/cert: validate OCSP response was signed by the expected issuer and serial number matched request (CVE-2024-2660) [GH-26091, HSEC-2024-07]

CHANGES:

core: Bump Go version to 1.21.8.

IMPROVEMENTS:

auth/cert: Allow validation with OCSP responses with no NextUpdate time [GH-25912]
openapi: Fix generated types for duration strings [GH-20841]
raft/snapshotagent (enterprise): upgrade raft-snapshotagent to v0.0.0-20221104090112-13395acd02c5

BUG FIXES:

auth/cert: Address an issue in which OCSP query responses were not cached [GH-25986]
auth/cert: Allow cert auth login attempts if ocsp_fail_open is true and OCSP servers are unreachable [GH-25982]
core/login: Fixed a potential deadlock when a login fails and user lockout is enabled. [GH-25697]
openapi: Fixing response fields for rekey operations [GH-25509]
ui: Fix kubernetes auth method roles tab [GH-25999]

Security

CVE-2024-2660

Details

name

1.14.11

type

Patch

official page

https://github.com/hashicorp/vault/blob/main/CHANGELOG.md/#11411

👇

🔍View and search all Vault releases.
🛠️Create and share lists to track your tools.
🚨Setup notifications for major, security, feature or patch updates.
🚀Much more coming soon!

Continue with GitHub

Continue with Google

Username

Password

Password (again)

leave this field blank to prove your humanity