Security:
- Update of Go to 1.11.4 to fix a bug which corresponds to CVE-2018-16875
- Database user revocation: Custom revocation statements with a vaue of "" will be stripped
Chages:
- secret/database: On role read, empty statements will be returned as empty slices instead of potentially being returned as JSON null values.
Improvements:
- cli: Strip iTerm extra characters from password manager input
- core: Add operationId field to OpenAPI output
- ui: Added ability to search for Group and Policy IDs when creating Groups and Entities instead of typing them in manually
Bug fixes:
- auth/azure: Cache azure authorizer
- auth/gcp: Remove explicit project for service account in GCE authorizer
- cli: Show correct stored keys/threshold for autoseals
- cli: Fix backwards compatibility fallback when listing plugins
- core: Fix upgrades when the seal config had been created on early versions of vault
- namespaces: Correctly reload the proper mount when tuning or reloading the mount
- secret/azure: Cache azure authorizer
- secret/database: Strip empty statements on user input
- secret/gcpkms: Add path for retrieving the public key
- secret/pki: Fix panic that could occur during tidy operation when malformed data was found
- secret/pki: Strip empty line in ca_chain output
- ui: Fixed a bug where the web CLI was not usable via the fullscreen command
- ui: Fix a bug where you couldn't write a jwt auth method config