Skip to content

v1.12.7

Compare
Choose a tag to compare
@hc-github-team-es-release-engineering hc-github-team-es-release-engineering released this 07 Jun 23:07
54c7210

1.12.7

June 08, 2023

CHANGES:

  • core: Bump Go version to 1.19.9.
  • core: Revert #19676 (VAULT_GRPC_MIN_CONNECT_TIMEOUT env var) as we decided it was unnecessary. [GH-20826]

IMPROVEMENTS:

  • audit: add a mount_point field to audit requests and response entries [GH-20411]
  • command/server: Add support for dumping pprof files to the filesystem via SIGUSR2 when
    VAULT_PPROF_WRITE_TO_FILE=true is set on the server. [GH-20609]
  • core: include namespace path in granting_policies block of audit log
  • openapi: Fix generated types for duration strings [GH-20841]
  • sdk/framework: Fix non-deterministic ordering of 'required' fields in OpenAPI spec [GH-20881]
  • secrets/pki: add subject key identifier to read key response [GH-20642]
  • ui: update TTL picker for consistency [GH-18114]

BUG FIXES:

  • api: Properly Handle nil identity_policies in Secret Data [GH-20636]
  • auth/ldap: Set default value for max_page_size properly [GH-20453]
  • cli: CLI should take days as a unit of time for ttl like flags [GH-20477]
  • cli: disable printing flags warnings messages for the ssh command [GH-20502]
  • core (enterprise): Fix log shipper buffer size overflow issue for 32 bit architecture.
  • core (enterprise): Fix logshipper buffer size to default to DefaultBufferSize only when reported system memory is zero.
  • core (enterprise): Remove MFA Enforcment configuration for namespace when deleting namespace
  • core: prevent panic on login after namespace is deleted that had mfa enforcement [GH-20375]
  • replication (enterprise): Fix a race condition with invalid tokens during WAL streaming that was causing Secondary clusters to be unable to connect to a Primary.
  • replication (enterprise): fix bug where secondary grpc connections would timeout when connecting to a primary host that no longer exists.
  • secrets/transform (enterprise): Fix a caching bug affecting secondary nodes after a tokenization key rotation
  • secrets/transit: Fix export of HMAC-only key, correctly exporting the key used for sign operations. For consumers of the previously incorrect key, use the plaintext export to retrieve these incorrect keys and import them as new versions.
    secrets/transit: Fix bug related to shorter dedicated HMAC key sizing.
    sdk/helper/keysutil: New HMAC type policies will have HMACKey equal to Key and be copied over on import. [GH-20864]
  • ui: Fixes issue unsealing cluster for seal types other than shamir [GH-20897]