Vault v1.2.3 Release Notes

Release Date: 2019-09-12 // 8 days ago

    • Oracle Cloud (OCI) Integration: Vault now support using Oracle Cloud for storage, auto unseal, and authentication.


    • auth/jwt: Groups claim matching now treats a string response as a single element list [JWT-63]
    • auth/kubernetes: enable better support for projected tokens API by allowing user to specify issuer [GH-65]
    • auth/pcf: The PCF auth plugin was renamed to the CF auth plugin, maintaining full backwards compatibility [GH-7346]
    • replication: Premium packages now come with unlimited performance standby nodes

    🐛 BUG FIXES:

    • agent: Allow batch tokens and other non-renewable tokens to be used for agent operations [GH-7441]
    • auth/jwt: Fix an error where newer (v1.2) token_* configuration parameters were not being applied to tokens generated using the OIDC login flow [JWT-67]
    • seal/transit: Allow using Vault Agent for transit seal operations [GH-7441]
    • storage/couchdb: Fix a file descriptor leak [GH-7345]
    • ui: Fix a bug where the status menu would disappear when trying to revoke a token [GH-7337]
    • ui: Fix a regression that prevented input of custom items in search-select [GH-7338]
    • ui: Fix an issue with the namespace picker being unable to render nested namespaces named with numbers and sorting of namespaces in the picker [GH-7333]

Previous changes from v1.2.2

  • 🔄 CHANGES:

    • auth/pcf: The signature format has been updated to use the standard Base64 encoding instead of the URL-safe variant. Signatures created using the previous format will continue to be accepted [PCF-27]
    • core: The http response code returned when an identity token key is not found has been changed from 400 to 404


    • identity: Remove 512 entity limit for groups [GH-7317]

    🐛 BUG FIXES:

    • auth/approle: Fix an error where an empty token_type string was not being correctly handled as TokenTypeDefault [GH-7273]
    • auth/radius: Fix panic when logging in [GH-7286]
    • ui: the string-list widget will now honor multiline input [GH-7254]
    • ui: various visual bugs in the KV interface were addressed [GH-7307]
    • ui: fixed incorrect URL to access help in LDAP auth [GH-7299]