ยซ Changelog History


Vault v1.0.1 Release Notes

Release Date: 2018-12-14 // over 5 years ago

  • ๐Ÿ”’ SECURITY:

    • Update version of Go to 1.11.3 to fix Go bug https://github.com/golang/go/issues/29233 which corresponds to CVE-2018-16875
    • Database user revocation: If a client has configured custom revocation statements for a role with a value of "", that statement would be executed verbatim, resulting in a lack of actual revocation but success for the operation. Vault will now strip empty statements from any provided; as a result if an empty statement is provided, it will behave as if no statement is provided, falling back to the default revocation statement.

    ๐Ÿ”„ CHANGES:

    • secret/database: On role read, empty statements will be returned as empty slices instead of potentially being returned as JSON null values. This makes it more in line with other parts of Vault and makes it easier for statically typed languages to interpret the values.

    ๐Ÿ‘Œ IMPROVEMENTS:

    • cli: Strip iTerm extra characters from password manager input [GH-5837]
    • command/server: Setting default kv engine to v1 in -dev mode can now be specified via -dev-kv-v1 [GH-5919]
    • core: Add operationId field to OpenAPI output [GH-5876]
    • ui: Added ability to search for Group and Policy IDs when creating Groups and Entities instead of typing them in manually

    ๐Ÿ› BUG FIXES:

    • auth/azure: Cache azure authorizer [15]
    • auth/gcp: Remove explicit project for service account in GCE authorizer [GH-58]
    • cli: Show correct stored keys/threshold for autoseals [GH-5910]
    • cli: Fix backwards compatibility fallback when listing plugins [GH-5913]
    • core: Fix upgrades when the seal config had been created on early versions of vault [GH-5956]
    • namespaces: Correctly reload the proper mount when tuning or reloading the mount [GH-5937]
    • secret/azure: Cache azure authorizer [19]
    • secret/database: Strip empty statements on user input [GH-5955]
    • secret/gcpkms: Add path for retrieving the public key [GH-5]
    • secret/pki: Fix panic that could occur during tidy operation when malformed data was found [GH-5931]
    • secret/pki: Strip empty line in ca_chain output [GH-5779]
    • ui: Fixed a bug where the web CLI was not usable via the fullscreen command - [GH-5909]
    • ui: Fix a bug where you couldn't write a jwt auth method config [GH-5936]