Overview All releases

Version History

1.16.2 1.16.1 1.16.0 1.15.8 1.15.7 1.15.6 1.15.5 1.15.4 1.15.3 1.15.2 1.15.1 1.15.0 1.14.12 1.14.11 1.14.10 1.14.9 1.14.8 1.14.7 1.14.6 1.14.5 1.14.4 1.14.3

1.14.2

1.14.1 1.14.0 1.13.13 1.13.12 1.13.11 1.13.10 1.13.9 1.13.8 1.13.7 1.13.6 1.13.5 1.13.4 1.13.3 1.13.2 1.13.1 1.13.0 1.12.11 1.12.10 1.12.9 1.12.8 1.12.7 1.12.6 1.12.5 1.12.4 1.12.3 1.12.2 1.12.1 1.12.0 1.11.12 1.11.11 1.11.10 1.11.9 1.11.8 1.11.7 1.11.6 1.11.5 1.11.4 1.11.3 1.11.2 1.11.1 1.11.0 1.10.11 1.10.10 1.10.9 1.10.8 1.10.7 1.10.6 1.10.5 1.10.4 1.10.3 1.10.2 1.10.1 1.10.0 1.9.10 1.9.9 1.9.8 1.9.7 1.9.6 1.9.5 1.9.4 1.9.3

1.9.2

1.9.1

1.9.0

1.8.12 1.8.11 1.8.10 1.8.9 1.8.8

1.8.7

1.8.6

1.8.5

1.8.4

1.8.3

1.8.2

1.8.1

1.8.0

1.7.10 1.7.9

1.7.8

1.7.7

1.7.6

1.7.5

1.7.4

1.7.3

1.7.2

1.7.1

1.7.0

1.6.7

1.6.6

1.6.5

1.6.4

1.6.3

1.6.2

1.6.1

1.6.0

1.5.9

1.5.8

1.5.7

1.5.6

1.5.5

1.5.4

1.5.3

1.5.2

1.5.1

1.5.0

1.4.7

1.4.6

1.4.5

1.4.4

1.4.3

1.4.2

1.4.1

1.4.0

1.3.10

1.3.9

1.3.8

1.3.7

1.3.6

1.3.5

1.3.4

1.3.3

1.3.2

1.3.1

1.2.7

1.2.6

1.2.5

1.2.4

1.2.3

1.2.2

1.2.1

1.2.0

1.1.4

1.1.3

1.1.2

1.1.1

1.1.0

1.0.3

1.0.2

1.0.1

1.0.0

0.11.6

0.11.5

0.11.4

0.11.3

0.11.2

0.11.1

0.11.0

0.10.4

0.10.3

0.10.2

0.10.1

0.10.0

0.9.6

0.9.5

0.9.4

0.9.3

0.9.2

0.9.1

0.9.0

0.8.3

0.8.2

0.8.1

0.8.0

0.7.3

0.7.2

0.7.1

0.7.0

0.6.5

0.6.4

0.6.3

0.6.2

0.6.1

0.6.0

0.5.3

0.5.2

0.5.1

0.5.0

0.4.1

0.4.0

0.3.1

0.3.0

0.2.0

0.1.2

0.1.1

0.1.0

Vault - 1.14.2

Security

August 30, 2023

CHANGES:

auth/azure: Update plugin to v0.16.0 [GH-22277]
core: Bump Go version to 1.20.7.
database/snowflake: Update plugin to v0.9.0 [GH-22516]

IMPROVEMENTS:

auto-auth/azure: Added Azure Workload Identity Federation support to auto-auth (for Vault Agent and Vault Proxy). [GH-22264]
core: Log rollback manager failures during unmount, remount to prevent replication failures on secondary clusters. [GH-22235]
kmip (enterprise): Add namespace lock and unlock support [GH-21925]
replication (enterprise): Make reindex less disruptive by allowing writes during the flush phase.
secrets/database: Improves error logging for static role rotations by including the database and role names. [GH-22253]
storage/raft: Cap the minimum dead_server_last_contact_threshold to 1m. [GH-22040]
ui: KV View Secret card will link to list view if input ends in "/" [GH-22502]
ui: adds allowed_user_ids field to create role form and user_ids to generate certificates form in pki [GH-22191]
ui: enables create and update KV secret workflow when control group present [GH-22471]
website/docs: Fix link formatting in Vault lambda extension docs [GH-22396]

BUG FIXES:

activity (enterprise): Fix misattribution of entities to no or child namespace auth methods [GH-18809]
agent: Environment variable VAULT_CACERT_BYTES now works for Vault Agent templates. [GH-22322]
api: Fix breakage with UNIX domain socket addresses introduced by newest Go versions as a security fix. [GH-22523]
core (enterprise): Remove MFA Configuration for namespace when deleting namespace
core/metrics: vault.raft_storage.bolt.write.time should be a counter not a summary [GH-22468]
core/quotas (enterprise): Fix a case where we were applying login roles to lease count quotas in a non-login context.
Also fix a related potential deadlock. [GH-21110]
core: Remove "expiration manager is nil on tokenstore" error log for unauth requests on DR secondary as they do not have expiration manager. [GH-22137]
core: Fix bug where background thread to update locked user entries runs on DR secondaries. [GH-22355]
core: Fix readonly errors that could occur while loading mounts/auths during unseal [GH-22362]
core: Fixed an instance where incorrect route entries would get tainted. We now pre-calculate namespace specific paths to avoid this. [GH-21470]
expiration: Fix a deadlock that could occur when a revocation failure happens while restoring leases on startup. [GH-22374]
license: Add autoloaded license path to the cache exempt list. This is to ensure the license changes on the active node is observed on the perfStandby node. [GH-22363]
replication (enterprise): Fix bug sync invalidate CoreReplicatedClusterInfoPath
replication (enterprise): Fix panic when update-primary was called on demoted clusters using update_primary_addrs
replication (enterprise): Fixing a bug by which the atomicity of a merkle diff result could be affected. This means it could be a source of a merkle-diff & sync process failing to switch into stream-wal mode afterwards.
sdk/ldaputil: Properly escape user filters when using UPN domains
sdk/ldaputil: use EscapeLDAPValue implementation from cap/ldap [GH-22249]
secrets/ldap: Fix bug causing schema and password_policy to be overwritten in config. [GH-22330]
secrets/transform (enterprise): Batch items with repeated tokens in the tokenization decode api will now contain the decoded_value element
secrets/transform (enterprise): Fix nil panic when encoding a tokenization transformation on a non-active node
secrets/transform (enterprise): Tidy operations will be re-scheduled at a minimum of every minute, not a maximum of every minute
storage/raft: Fix race where new follower joining can get pruned by dead server cleanup. [GH-20986]
ui: Fix blank page or ghost secret when canceling KV secret create [GH-22541]
ui: fixes max_versions default for secret metadata unintentionally overriding kv engine defaults [GH-22394]
ui: fixes model defaults overwriting input value when user tries to clear form input [GH-22458]
ui: fixes text readability issue in revoke token confirmation dialog [GH-22390]

Security

Security wording was detected, but no CVEs were found.

Details

date

Aug. 30, 2023, midnight

name

1.14.2

type

Patch

official page

https://github.com/hashicorp/vault/blob/main/CHANGELOG.md/#1142

👇

🔍View and search all Vault releases.
🛠️Create and share lists to track your tools.
🚨Setup notifications for major, security, feature or patch updates.
🚀Much more coming soon!

Continue with GitHub

Continue with Google

Username

Password

Password (again)

leave this field blank to prove your humanity