v1.12.6
1.12.6
April 26, 2023
CHANGES:
- core: Bump Go version to 1.19.8.
IMPROVEMENTS:
- cli/namespace: Add detailed flag to output additional namespace information
such as namespace IDs and custom metadata. [GH-20243] - core/activity: add an endpoint to write test activity log data, guarded by a build flag [GH-20019]
- core: Add a
raft
sub-field to thestorage
andha_storage
details provided by the
/sys/config/state/sanitized
endpoint in order to include themax_entry_size
. [GH-20044] - sdk/ldaputil: added
connection_timeout
to tune connection timeout duration
for all LDAP plugins. [GH-20144] - secrets/pki: Decrease size and improve compatibility of OCSP responses by removing issuer certificate. [GH-20201]
BUG FIXES:
- auth/ldap: Add max_page_size configurable to LDAP configuration [GH-19032]
- command/server: Fix incorrect paths in generated config for
-dev-tls
flag on Windows [GH-20257] - core (enterprise): Fix intermittent issue with token entries sometimes not being found when using a newly created token in a request to a secondary, even when SSCT
new_token
forwarding is set. When this occurred, this would result in the following error to the client:error performing token check: no lease entry found for token that ought to have one, possible eventual consistency issue
. - core (enterprise): Fix read on perf standbys failing with 412 after leadership change, unseal, restores or restarts when no writes occur
- core/ssct (enterprise): Fixed race condition where a newly promoted DR may revert
sscGenCounter
resulting in 412 errors. - core: Fix regression breaking non-raft clusters whose nodes share the same cluster_addr/api_addr. [GH-19721]
- helper/random: Fix race condition in string generator helper [GH-19875]
- kmip (enterprise): Fix a problem decrypting with keys that have no Process Start Date attribute.
- openapi: Fix many incorrect details in generated API spec, by using better techniques to parse path regexps [GH-18554]
- pki: Fix automatically turning off CRL signing on upgrade to Vault >= 1.12, if CA Key Usage disallows it [GH-20220]
- replication (enterprise): Fix a caching issue when replicating filtered data to
a performance secondary. This resulted in the data being set to nil in the cache
and a "invalid value" error being returned from the API. - replication (enterprise): Fix replication status for Primary clusters showing its primary cluster's information (in case of DR) in secondaries field when known_secondaries field is nil
- secrets/pki: Fix patching of leaf_not_after_behavior on issuers. [GH-20341]
- secrets/transform (enterprise): Address SQL connection leak when cleaning expired tokens
- ui: Fix OIDC provider logo showing when domain doesn't match [GH-20263]
- ui: Fix bad link to namespace when namespace name includes
.
[GH-19799] - ui: fixes browser console formatting for help command output [GH-20064]
- ui: remove use of htmlSafe except when first sanitized [GH-20235]