Skip to content

v1.17.3
Compare
Choose a tag to compare
@hc-github-team-es-release-engineering hc-github-team-es-release-engineering released this 07 Aug 18:19
v1.17.3
c91c854
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

1.17.3

August 07, 2024

CHANGES:

  • auth/cf: Update plugin to v0.18.0 [GH-27724]

IMPROVEMENTS:

  • audit: Ensure that any underyling errors from audit devices are logged even if we consider auditing to be a success. [GH-27809]
  • audit: Internal implementation changes to the audit subsystem which improve performance. [GH-27952]
  • audit: sinks (file, socket, syslog) will attempt to log errors to the server operational
    log before returning (if there are errors to log, and the context is done). [GH-27859]
  • auth/cert: Cache full list of role trust information separately to avoid
    eviction, and avoid duplicate loading during multiple simultaneous logins on
    the same role. [GH-27902]
  • license utilization reporting (enterprise): Auto-roll billing start date. [GH-27656]
  • website/docs: Added API documentation for Azure Secrets Engine delete role [GH-27883]

BUG FIXES:

  • auth/cert: Use subject's serial number, not issuer's within error message text in OCSP request errors [GH-27696]
  • core (enterprise): Fix 500 errors that occurred querying sys/internal/ui/mounts for a mount prefixed by a namespace path when path filters are configured. [GH-27939]
  • core/identity: Fixed an issue where deleted/reassigned entity-aliases were not removed from in-memory database. [GH-27750]
  • proxy/cache (enterprise): Fixed an issue where Proxy would not correctly update KV secrets when talking to a perf standby. Proxy will now attempt to forward requests to update secrets triggered by events to the active node. Note that this requires allow_forwarding_via_header to be configured on the cluster. [GH-27891]
  • proxy/cache (enterprise): Fixed an issue where cached static secrets could fail to update if the secrets belonged to a non-root namespace. [GH-27730]
  • raft/autopilot: Fixed panic that may occur during shutdown [GH-27726]
  • secrets-sync (enterprise): Destination set/remove operations will no longer be blocked as "purge in progress" after a purge job ended in failure.
  • secrets-sync (enterprise): Normalize custom_tag keys and values for recoverable invalid characters.
  • secrets-sync (enterprise): Normalize secret key names before storing the external_name in a secret association.
  • secrets-sync (enterprise): Patching github sync destination credentials will properly update and save the new credentials.
  • secrets-sync (enterprise): Return an error immediately on destination creation when providing invalid custom_tags based on destination type.
  • secrets/identity (enterprise): Fix a bug that can cause DR promotion to fail in rare cases where a PR secondary has inconsistent alias information in storage.
  • sys: Fix a bug where mounts of external plugins that were registered before Vault v1.0.0 could not be tuned to
    use versioned plugins. [GH-27881]
  • ui: Fix cursor jump on KVv2 json editor that would occur after pressing ENTER. [GH-27569]
  • ui: fix issue where enabling then disabling "Tidy ACME" in PKI results in failed API call. [GH-27742]
  • ui: fix namespace picker not working when in small screen where the sidebar is collapsed by default. [GH-27728]
Assets 2
Loading