Page MenuHomeSolus

Update vault to 1.0.1
ClosedPublic

Authored by der_eismann on Dec 15 2018, 3:44 PM.
Tags
None
Referenced Files
F11065324: D4688.id.diff
Fri, Aug 11, 4:29 PM
F11065323: D4688.id11451.diff
Fri, Aug 11, 4:29 PM
F11046630: D4688.diff
Thu, Aug 10, 1:49 PM
F11024218: D4688.diff
Tue, Aug 8, 7:56 PM
F10891724: D4688.id11451.diff
Jun 29 2023, 9:14 AM
F10891418: D4688.id11496.diff
Jun 29 2023, 2:04 AM
F10886967: D4688.diff
Jun 26 2023, 5:15 AM
F10764956: D4688.id11451.diff
May 19 2023, 10:14 AM
Subscribers

Details

Summary

Security:

  • Update of Go to 1.11.4 to fix a bug which corresponds to CVE-2018-16875
  • Database user revocation: Custom revocation statements with a vaue of "" will be stripped

Chages:

  • secret/database: On role read, empty statements will be returned as empty slices instead of potentially being returned as JSON null values.

Improvements:

  • cli: Strip iTerm extra characters from password manager input
  • core: Add operationId field to OpenAPI output
  • ui: Added ability to search for Group and Policy IDs when creating Groups and Entities instead of typing them in manually

Bug fixes:

  • auth/azure: Cache azure authorizer
  • auth/gcp: Remove explicit project for service account in GCE authorizer
  • cli: Show correct stored keys/threshold for autoseals
  • cli: Fix backwards compatibility fallback when listing plugins
  • core: Fix upgrades when the seal config had been created on early versions of vault
  • namespaces: Correctly reload the proper mount when tuning or reloading the mount
  • secret/azure: Cache azure authorizer
  • secret/database: Strip empty statements on user input
  • secret/gcpkms: Add path for retrieving the public key
  • secret/pki: Fix panic that could occur during tidy operation when malformed data was found
  • secret/pki: Strip empty line in ca_chain output
  • ui: Fixed a bug where the web CLI was not usable via the fullscreen command
  • ui: Fix a bug where you couldn't write a jwt auth method config
Test Plan
  • Started a server with vault server -dev
  • Opened UI in browser via http://127.0.0.1:8200
  • Created a simple secret store

Diff Detail

Repository
R4604 vault
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

This revision is now accepted and ready to land.Dec 17 2018, 1:41 AM
This revision was automatically updated to reflect the committed changes.