Overview All releases

Version History

1.16.2 1.16.1 1.16.0 1.15.8

1.15.7

1.15.6 1.15.5 1.15.4 1.15.3 1.15.2 1.15.1 1.15.0 1.14.12 1.14.11 1.14.10 1.14.9 1.14.8 1.14.7 1.14.6 1.14.5 1.14.4 1.14.3 1.14.2 1.14.1 1.14.0 1.13.13 1.13.12 1.13.11 1.13.10 1.13.9 1.13.8 1.13.7 1.13.6 1.13.5 1.13.4 1.13.3 1.13.2 1.13.1 1.13.0 1.12.11 1.12.10 1.12.9 1.12.8 1.12.7 1.12.6 1.12.5 1.12.4 1.12.3 1.12.2 1.12.1 1.12.0 1.11.12 1.11.11 1.11.10 1.11.9 1.11.8 1.11.7 1.11.6 1.11.5 1.11.4 1.11.3 1.11.2 1.11.1 1.11.0 1.10.11 1.10.10 1.10.9 1.10.8 1.10.7 1.10.6 1.10.5 1.10.4 1.10.3 1.10.2 1.10.1 1.10.0 1.9.10 1.9.9 1.9.8 1.9.7 1.9.6 1.9.5 1.9.4 1.9.3

1.9.2

1.9.1

1.9.0

1.8.12 1.8.11 1.8.10 1.8.9 1.8.8

1.8.7

1.8.6

1.8.5

1.8.4

1.8.3

1.8.2

1.8.1

1.8.0

1.7.10 1.7.9

1.7.8

1.7.7

1.7.6

1.7.5

1.7.4

1.7.3

1.7.2

1.7.1

1.7.0

1.6.7

1.6.6

1.6.5

1.6.4

1.6.3

1.6.2

1.6.1

1.6.0

1.5.9

1.5.8

1.5.7

1.5.6

1.5.5

1.5.4

1.5.3

1.5.2

1.5.1

1.5.0

1.4.7

1.4.6

1.4.5

1.4.4

1.4.3

1.4.2

1.4.1

1.4.0

1.3.10

1.3.9

1.3.8

1.3.7

1.3.6

1.3.5

1.3.4

1.3.3

1.3.2

1.3.1

1.2.7

1.2.6

1.2.5

1.2.4

1.2.3

1.2.2

1.2.1

1.2.0

1.1.4

1.1.3

1.1.2

1.1.1

1.1.0

1.0.3

1.0.2

1.0.1

1.0.0

0.11.6

0.11.5

0.11.4

0.11.3

0.11.2

0.11.1

0.11.0

0.10.4

0.10.3

0.10.2

0.10.1

0.10.0

0.9.6

0.9.5

0.9.4

0.9.3

0.9.2

0.9.1

0.9.0

0.8.3

0.8.2

0.8.1

0.8.0

0.7.3

0.7.2

0.7.1

0.7.0

0.6.5

0.6.4

0.6.3

0.6.2

0.6.1

0.6.0

0.5.3

0.5.2

0.5.1

0.5.0

0.4.1

0.4.0

0.3.1

0.3.0

0.2.0

0.1.2

0.1.1

0.1.0

Vault - 1.15.7

Security

Enterprise

March 28, 2024

SECURITY:

auth/cert: validate OCSP response was signed by the expected issuer and serial number matched request (CVE-2024-2660) [GH-26091, HSEC-2024-07]

IMPROVEMENTS:

auth/cert: Allow validation with OCSP responses with no NextUpdate time [GH-25912]
core (enterprise): Avoid seal rewrapping in some specific unnecessary cases.
core (enterprise): persist seal rewrap status, so rewrap status API is consistent on secondary nodes.
ui: remove leading slash from KV version 2 secret paths [GH-25874]

BUG FIXES:

audit: Operator changes to configured audit headers (via /sys/config/auditing)
will now force invalidation and be reloaded from storage when data is replicated
to other nodes.
auth/cert: Address an issue in which OCSP query responses were not cached [GH-25986]
auth/cert: Allow cert auth login attempts if ocsp_fail_open is true and OCSP servers are unreachable [GH-25982]
cli: fixes plugin register CLI failure to error when plugin image doesn't exist [GH-24990]
core (enterprise): fix issue where the Seal HA rewrap system may remain running when an active node steps down.
core/login: Fixed a potential deadlock when a login fails and user lockout is enabled. [GH-25697]
replication (enterprise): fixed data integrity issue with the processing of identity aliases causing duplicates to occur in rare cases
ui: Fix kubernetes auth method roles tab [GH-25999]
ui: call resultant-acl without namespace header when user mounted at root namespace [GH-25766]

Security

CVE-2024-2660

Details

name

1.15.7

type

Patch

official page

https://github.com/hashicorp/vault/blob/main/CHANGELOG.md/#1157

👇

🔍View and search all Vault releases.
🛠️Create and share lists to track your tools.
🚨Setup notifications for major, security, feature or patch updates.
🚀Much more coming soon!

Continue with GitHub

Continue with Google

Username

Password

Password (again)

leave this field blank to prove your humanity