v1.14.11+ent
mladlow
released this
29 Mar 19:11
·
3232 commits
to main
since this release
1.14.11 Enterprise
March 28, 2024
This release is created to share the Vault Enterprise changelog and notify consumers of availability. The attached source and assets do not include Vault Enterprise code and should not be used in place of official Docker images or binaries.
SECURITY:
- auth/cert: validate OCSP response was signed by the expected issuer and serial number matched request [GH-26091]
CHANGES:
- core: Bump Go version to 1.21.8.
IMPROVEMENTS:
- auth/cert: Allow validation with OCSP responses with no NextUpdate time [GH-25912]
- openapi: Fix generated types for duration strings [GH-20841]
- raft/snapshotagent (enterprise): upgrade raft-snapshotagent to v0.0.0-20221104090112-13395acd02c5
BUG FIXES:
- auth/cert: Address an issue in which OCSP query responses were not cached [GH-25986]
- auth/cert: Allow cert auth login attempts if ocsp_fail_open is true and OCSP servers are unreachable [GH-25982]
- core/login: Fixed a potential deadlock when a login fails and user lockout is enabled. [GH-25697]
- openapi: Fixing response fields for rekey operations [GH-25509]
- ui: Fix kubernetes auth method roles tab [GH-25999]