"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "CHANGELOG.md" between
vault-1.8.1.tar.gz and vault-1.8.2.tar.gz

About: vault is a tool for secrets management, encryption as a service, and privileged access management.

CHANGELOG.md  (vault-1.8.1):CHANGELOG.md  (vault-1.8.2)
## 1.8.0-rc2 ## 1.8.1
### July 15th, 2021 ### August 5th, 2021
CHANGES:
* go: Update go version to 1.16.6 [[GH-12245](https://github.com/hashicorp/vault
/pull/12245)]
IMPROVEMENTS:
* serviceregistration: add `external-source: "vault"` metadata value for Consul
registration. [[GH-12163](https://github.com/hashicorp/vault/pull/12163)]
BUG FIXES:
* auth/aws: Remove warning stating AWS Token TTL will be capped by the Default L
ease TTL. [[GH-12026](https://github.com/hashicorp/vault/pull/12026)]
* auth/jwt: Fixes OIDC auth from the Vault UI when using `form_post` as the `oid
c_response_mode`. [[GH-12258](https://github.com/hashicorp/vault/pull/12258)]
* core (enterprise): Disallow autogenerated licenses to be used in diagnose even
when config is specified
* core: fix byte printing for diagnose disk checks [[GH-12229](https://github.co
m/hashicorp/vault/pull/12229)]
* identity: do not allow a role's token_ttl to be longer than the signing key's
verification_ttl [[GH-12151](https://github.com/hashicorp/vault/pull/12151)]
## 1.8.0
### July 28th, 2021
CHANGES: CHANGES:
* agent: Errors in the template engine will no longer cause agent to exit unless * agent: Errors in the template engine will no longer cause agent to exit unless
explicitly defined to do so. A new configuration parameter, explicitly defined to do so. A new configuration parameter,
`exit_on_retry_failure`, within the new top-level stanza, `template_config`, can `exit_on_retry_failure`, within the new top-level stanza, `template_config`, can
be set to `true` in order to cause agent to exit. Note that for agent to exit if be set to `true` in order to cause agent to exit. Note that for agent to exit if
`template.error_on_missing_key` is set to `true`, `exit_on_retry_failure` must `template.error_on_missing_key` is set to `true`, `exit_on_retry_failure` must
be also set to `true`. Otherwise, the template engine will log an error but then be also set to `true`. Otherwise, the template engine will log an error but then
restart its internal runner. [[GH-11775](https://github.com/hashicorp/vault/pull /11775)] restart its internal runner. [[GH-11775](https://github.com/hashicorp/vault/pull /11775)]
* agent: Update to use IAM Service Account Credentials endpoint for signing JWTs * agent: Update to use IAM Service Account Credentials endpoint for signing JWTs
when using GCP Auto-Auth method [[GH-11473](https://github.com/hashicorp/vault/p ull/11473)] when using GCP Auto-Auth method [[GH-11473](https://github.com/hashicorp/vault/p ull/11473)]
* go: Update to Go 1.16.5 [[GH-11802](https://github.com/hashicorp/vault/pull/11 * core (enterprise): License/EULA changes that ensure the presence of a valid Ha
802)] shiCorp license to
start Vault. More information is available in the [Vault License FAQ](https://ww
w.vaultproject.io/docs/enterprise/license/faqs)
FEATURES: FEATURES:
* **GCP Secrets Engine Static Accounts**: Adds ability to use existing service a
ccounts for generation
of service account keys and access tokens. [[GH-12023](https://github.com/hash
icorp/vault/pull/12023)]
* **Key Management Secrets Engine (Enterprise)**: Adds general availability for
distributing and managing keys in AWS KMS. [[GH-11958](https://github.com/hashic
orp/vault/pull/11958)]
* **License Autoloading (Enterprise)**: Licenses may now be automatically loaded
from the environment or disk.
* **MySQL Database UI**: The UI now supports adding and editing MySQL connection s in the database secret engine [[GH-11532](https://github.com/hashicorp/vault/p ull/11532)] * **MySQL Database UI**: The UI now supports adding and editing MySQL connection s in the database secret engine [[GH-11532](https://github.com/hashicorp/vault/p ull/11532)]
* cli/api: Add lease lookup command [[GH-11129](https://github.com/hashicorp/vau * **Vault Diagnose**: A new `vault operator` command to detect common issues wit
lt/pull/11129)] h vault server setups.
* core: Add controlled capabilities to control group policy stanza
* secret/rabbitmq: Add ability to customize dynamic usernames [[GH-11899](https:
//github.com/hashicorp/vault/pull/11899)]
* secrets/database/elasticsearch: Add ability to customize dynamic usernames [[G
H-11957](https://github.com/hashicorp/vault/pull/11957)]
* secrets/database/influxdb: Add ability to customize dynamic usernames [[GH-117
96](https://github.com/hashicorp/vault/pull/11796)]
* secrets/database/mongodbatlas: Add ability to customize dynamic usernames [[GH
-11956](https://github.com/hashicorp/vault/pull/11956)]
* secrets/database/redshift: Add ability to customize dynamic usernames [[GH-120
16](https://github.com/hashicorp/vault/pull/12016)]
* secrets/database/snowflake: Add ability to customize dynamic usernames [[GH-11
997](https://github.com/hashicorp/vault/pull/11997)]
* secrets/gcp: Adds ability to use existing service accounts for generation of s
ervice account keys and access tokens. [[GH-12023](https://github.com/hashicorp/
vault/pull/12023)]
* secrets/keymgmt (enterprise): Adds general availability for distributing and m
anaging keys in AWS KMS. [[GH-11958](https://github.com/hashicorp/vault/pull/119
58)]
* ssh: add support for templated values in SSH CA DefaultExtensions [[GH-11495](
https://github.com/hashicorp/vault/pull/11495)]
* ui: Add database secret engine support for MSSQL [[GH-11231](https://github.co
m/hashicorp/vault/pull/11231)]
IMPROVEMENTS: IMPROVEMENTS:
* agent/template: Added static_secret_render_interval to specify how often to fe tch non-leased secrets [[GH-11934](https://github.com/hashicorp/vault/pull/11934 )] * agent/template: Added static_secret_render_interval to specify how often to fe tch non-leased secrets [[GH-11934](https://github.com/hashicorp/vault/pull/11934 )]
* agent: Allow Agent auto auth to read symlinked JWT files [[GH-11502](https://g ithub.com/hashicorp/vault/pull/11502)] * agent: Allow Agent auto auth to read symlinked JWT files [[GH-11502](https://g ithub.com/hashicorp/vault/pull/11502)]
* api: Allow a leveled logger to be provided to `api.Client` through `SetLogger` . [[GH-11696](https://github.com/hashicorp/vault/pull/11696)] * api: Allow a leveled logger to be provided to `api.Client` through `SetLogger` . [[GH-11696](https://github.com/hashicorp/vault/pull/11696)]
* auth/aws: Underlying error included in validation failure message. [[GH-11638] (https://github.com/hashicorp/vault/pull/11638)] * auth/aws: Underlying error included in validation failure message. [[GH-11638] (https://github.com/hashicorp/vault/pull/11638)]
* cli/api: Add lease lookup command [[GH-11129](https://github.com/hashicorp/vau lt/pull/11129)]
* core: Add `prefix_filter` to telemetry config [[GH-12025](https://github.com/h ashicorp/vault/pull/12025)] * core: Add `prefix_filter` to telemetry config [[GH-12025](https://github.com/h ashicorp/vault/pull/12025)]
* core: Add a darwin/arm64 binary release supporting the Apple M1 CPU [[GH-12071 ](https://github.com/hashicorp/vault/pull/12071)]
* core: Add a small (<1s) exponential backoff to failed TCP listener Accept fail ures. [[GH-11588](https://github.com/hashicorp/vault/pull/11588)] * core: Add a small (<1s) exponential backoff to failed TCP listener Accept fail ures. [[GH-11588](https://github.com/hashicorp/vault/pull/11588)]
* core (enterprise): Add controlled capabilities to control group policy stanza
* core: Add metrics for standby node forwarding. [[GH-11366](https://github.com/ hashicorp/vault/pull/11366)] * core: Add metrics for standby node forwarding. [[GH-11366](https://github.com/ hashicorp/vault/pull/11366)]
* core: Add metrics to report if a node is a perf standby, if a node is a dr sec ondary or primary, and if a node is a perf secondary or primary. [[GH-11472](htt ps://github.com/hashicorp/vault/pull/11472)]
* core: Send notifications to systemd on start, stop, and configuration reload. [[GH-11517](https://github.com/hashicorp/vault/pull/11517)] * core: Send notifications to systemd on start, stop, and configuration reload. [[GH-11517](https://github.com/hashicorp/vault/pull/11517)]
* core: add irrevocable lease list and count apis [[GH-11607](https://github.com /hashicorp/vault/pull/11607)] * core: add irrevocable lease list and count apis [[GH-11607](https://github.com /hashicorp/vault/pull/11607)]
* core: allow arbitrary length stack traces upon receiving SIGUSR2 (was 32MB) [[ GH-11364](https://github.com/hashicorp/vault/pull/11364)] * core: allow arbitrary length stack traces upon receiving SIGUSR2 (was 32MB) [[ GH-11364](https://github.com/hashicorp/vault/pull/11364)]
* db/cassandra: Added tls_server_name to specify server name for TLS validation [[GH-11820](https://github.com/hashicorp/vault/pull/11820)] * db/cassandra: Added tls_server_name to specify server name for TLS validation [[GH-11820](https://github.com/hashicorp/vault/pull/11820)]
* plugins/ad: Added rotate-role endpoint for manual service account password rot * go: Update to Go 1.16.5 [[GH-11802](https://github.com/hashicorp/vault/pull/11
ations [[GH-11942](https://github.com/hashicorp/vault/pull/11942)] 802)]
* raft: Improve raft batch size selection [[GH-11907](https://github.com/hashico * replication: Delay evaluation of X-Vault-Index headers until merkle sync compl
rp/vault/pull/11907)] etes.
* raft: change freelist type to map and set nofreelistsync to true [[GH-11895](h * secrets/rabbitmq: Add ability to customize dynamic usernames [[GH-11899](https
ttps://github.com/hashicorp/vault/pull/11895)] ://github.com/hashicorp/vault/pull/11899)]
* replication (enterprise): The log shipper is now memory * secrets/ad: Add `rotate-role` endpoint to allow rotations of service accounts.
as well as length bound, and length and size can be [[GH-11942](https://github.com/hashicorp/vault/pull/11942)]
separately configured. * secrets/aws: add IAM tagging support for iam_user roles [[GH-10953](https://gi
thub.com/hashicorp/vault/pull/10953)]
* secrets/aws: add ability to provide a role session name when generating STS cr edentials [[GH-11345](https://github.com/hashicorp/vault/pull/11345)] * secrets/aws: add ability to provide a role session name when generating STS cr edentials [[GH-11345](https://github.com/hashicorp/vault/pull/11345)]
* secrets/database/elasticsearch: Add ability to customize dynamic usernames [[G
H-11957](https://github.com/hashicorp/vault/pull/11957)]
* secrets/database/influxdb: Add ability to customize dynamic usernames [[GH-117
96](https://github.com/hashicorp/vault/pull/11796)]
* secrets/database/mongodb: Add ability to customize `SocketTimeout`, `ConnectTi meout`, and `ServerSelectionTimeout` [[GH-11600](https://github.com/hashicorp/va ult/pull/11600)] * secrets/database/mongodb: Add ability to customize `SocketTimeout`, `ConnectTi meout`, and `ServerSelectionTimeout` [[GH-11600](https://github.com/hashicorp/va ult/pull/11600)]
* secrets/database/mongodb: Increased throughput by allowing for multiple reques t threads to simultaneously update users in MongoDB [[GH-11600](https://github.c om/hashicorp/vault/pull/11600)] * secrets/database/mongodb: Increased throughput by allowing for multiple reques t threads to simultaneously update users in MongoDB [[GH-11600](https://github.c om/hashicorp/vault/pull/11600)]
* secrets/database/mongodbatlas: Adds the ability to customize username generati
on for dynamic users in MongoDB Atlas. [[GH-11956](https://github.com/hashicorp/
vault/pull/11956)]
* secrets/database/redshift: Add ability to customize dynamic usernames [[GH-120
16](https://github.com/hashicorp/vault/pull/12016)]
* secrets/database/snowflake: Add ability to customize dynamic usernames [[GH-11
997](https://github.com/hashicorp/vault/pull/11997)]
* ssh: add support for templated values in SSH CA DefaultExtensions [[GH-11495](
https://github.com/hashicorp/vault/pull/11495)]
* storage/raft: Improve raft batch size selection [[GH-11907](https://github.com
/hashicorp/vault/pull/11907)]
* storage/raft: change freelist type to map and set nofreelistsync to true [[GH-
11895](https://github.com/hashicorp/vault/pull/11895)]
* storage/raft: Switch to shared raft-boltdb library and add boltdb metrics [[GH
-11269](https://github.com/hashicorp/vault/pull/11269)]
* storage/raft: Support autopilot for HA only raft storage. [[GH-11260](https:// github.com/hashicorp/vault/pull/11260)] * storage/raft: Support autopilot for HA only raft storage. [[GH-11260](https:// github.com/hashicorp/vault/pull/11260)]
* storage/raft (enterprise): Enable Autopilot on DR secondary clusters
* ui: Add Validation to KV secret engine [[GH-11785](https://github.com/hashicor p/vault/pull/11785)] * ui: Add Validation to KV secret engine [[GH-11785](https://github.com/hashicor p/vault/pull/11785)]
* ui: Add database secret engine support for MSSQL [[GH-11231](https://github.co m/hashicorp/vault/pull/11231)]
* ui: Add push notification message when selecting okta auth. [[GH-11442](https: //github.com/hashicorp/vault/pull/11442)] * ui: Add push notification message when selecting okta auth. [[GH-11442](https: //github.com/hashicorp/vault/pull/11442)]
* ui: Add regex validation to Transform Template pattern input [[GH-11586](https ://github.com/hashicorp/vault/pull/11586)] * ui: Add regex validation to Transform Template pattern input [[GH-11586](https ://github.com/hashicorp/vault/pull/11586)]
* ui: Add specific error message if unseal fails due to license [[GH-11705](http s://github.com/hashicorp/vault/pull/11705)] * ui: Add specific error message if unseal fails due to license [[GH-11705](http s://github.com/hashicorp/vault/pull/11705)]
* ui: Add validation support for open api form fields [[GH-11963](https://github .com/hashicorp/vault/pull/11963)] * ui: Add validation support for open api form fields [[GH-11963](https://github .com/hashicorp/vault/pull/11963)]
* ui: Added auth method descriptions to UI login page [[GH-11795](https://github .com/hashicorp/vault/pull/11795)] * ui: Added auth method descriptions to UI login page [[GH-11795](https://github .com/hashicorp/vault/pull/11795)]
* ui: JSON fields on database can be cleared on edit [[GH-11708](https://github. com/hashicorp/vault/pull/11708)] * ui: JSON fields on database can be cleared on edit [[GH-11708](https://github. com/hashicorp/vault/pull/11708)]
* ui: Obscure secret values on input and displayOnly fields like certificates. [ [GH-11284](https://github.com/hashicorp/vault/pull/11284)] * ui: Obscure secret values on input and displayOnly fields like certificates. [ [GH-11284](https://github.com/hashicorp/vault/pull/11284)]
* ui: Redesign of KV 2 Delete toolbar. [[GH-11530](https://github.com/hashicorp/ vault/pull/11530)] * ui: Redesign of KV 2 Delete toolbar. [[GH-11530](https://github.com/hashicorp/ vault/pull/11530)]
* ui: Replace tool partials with components. [[GH-11672](https://github.com/hash icorp/vault/pull/11672)] * ui: Replace tool partials with components. [[GH-11672](https://github.com/hash icorp/vault/pull/11672)]
* ui: Show description on secret engine list [[GH-11995](https://github.com/hash icorp/vault/pull/11995)] * ui: Show description on secret engine list [[GH-11995](https://github.com/hash icorp/vault/pull/11995)]
* ui: Update ember to latest LTS and upgrade UI dependencies [[GH-11447](https:/ /github.com/hashicorp/vault/pull/11447)] * ui: Update ember to latest LTS and upgrade UI dependencies [[GH-11447](https:/ /github.com/hashicorp/vault/pull/11447)]
* ui: Update partials to components [[GH-11680](https://github.com/hashicorp/vau lt/pull/11680)] * ui: Update partials to components [[GH-11680](https://github.com/hashicorp/vau lt/pull/11680)]
* ui: Updated ivy code mirror component for consistency [[GH-11500](https://gith ub.com/hashicorp/vault/pull/11500)] * ui: Updated ivy code mirror component for consistency [[GH-11500](https://gith ub.com/hashicorp/vault/pull/11500)]
* ui: Updated node to v14, latest stable build [[GH-12049](https://github.com/ha shicorp/vault/pull/12049)]
* ui: Updated search select component styling [[GH-11360](https://github.com/has hicorp/vault/pull/11360)] * ui: Updated search select component styling [[GH-11360](https://github.com/has hicorp/vault/pull/11360)]
* ui: add transform secrets engine to features list [[GH-12003](https://github.c om/hashicorp/vault/pull/12003)] * ui: add transform secrets engine to features list [[GH-12003](https://github.c om/hashicorp/vault/pull/12003)]
* ui: add validations for duplicate path kv engine [[GH-11878](https://github.co m/hashicorp/vault/pull/11878)] * ui: add validations for duplicate path kv engine [[GH-11878](https://github.co m/hashicorp/vault/pull/11878)]
* ui: show site-wide banners for license warnings if applicable [[GH-11759](http s://github.com/hashicorp/vault/pull/11759)] * ui: show site-wide banners for license warnings if applicable [[GH-11759](http s://github.com/hashicorp/vault/pull/11759)]
* ui: update license page with relevant autoload info [[GH-11778](https://github .com/hashicorp/vault/pull/11778)] * ui: update license page with relevant autoload info [[GH-11778](https://github .com/hashicorp/vault/pull/11778)]
DEPRECATIONS: DEPRECATIONS:
* secrets/gcp: Deprecated the `/gcp/token/:roleset` and `/gcp/key/:roleset` path * secrets/gcp: Deprecated the `/gcp/token/:roleset` and `/gcp/key/:roleset` path
s for generating secrets for rolesets. s for generating
Use `/gcp/roleset/:roleset/token` and `/gcp/roleset/:roleset/key` instead. [[GH- secrets for rolesets. Use `/gcp/roleset/:roleset/token` and `/gcp/roleset/:rol
12023](https://github.com/hashicorp/vault/pull/12023)] eset/key` instead. [[GH-12023](https://github.com/hashicorp/vault/pull/12023)]
BUG FIXES: BUG FIXES:
* activity: Omit wrapping tokens and control groups from client counts [[GH-1182 6](https://github.com/hashicorp/vault/pull/11826)] * activity: Omit wrapping tokens and control groups from client counts [[GH-1182 6](https://github.com/hashicorp/vault/pull/11826)]
* agent/cert: Fix issue where the API client on agent was not honoring certifica te * agent/cert: Fix issue where the API client on agent was not honoring certifica te
information from the auto-auth config map on renewals or retries. [[GH-11576](ht tps://github.com/hashicorp/vault/pull/11576)] information from the auto-auth config map on renewals or retries. [[GH-11576]( https://github.com/hashicorp/vault/pull/11576)]
* agent/template: fix command shell quoting issue [[GH-11838](https://github.com /hashicorp/vault/pull/11838)] * agent/template: fix command shell quoting issue [[GH-11838](https://github.com /hashicorp/vault/pull/11838)]
* agent: Fixed agent templating to use configured tls servername values [[GH-112 88](https://github.com/hashicorp/vault/pull/11288)] * agent: Fixed agent templating to use configured tls servername values [[GH-112 88](https://github.com/hashicorp/vault/pull/11288)]
* agent: fix timestamp format in log messages from the templating engine [[GH-11 838](https://github.com/hashicorp/vault/pull/11838)] * agent: fix timestamp format in log messages from the templating engine [[GH-11 838](https://github.com/hashicorp/vault/pull/11838)]
* auth/approle: fixing dereference of nil pointer [[GH-11864](https://github.com /hashicorp/vault/pull/11864)] * auth/approle: fixing dereference of nil pointer [[GH-11864](https://github.com /hashicorp/vault/pull/11864)]
* auth/jwt: Updates the [hashicorp/cap](https://github.com/hashicorp/cap) librar y to `v0.1.0` to * auth/jwt: Updates the [hashicorp/cap](https://github.com/hashicorp/cap) librar y to `v0.1.0` to
bring in a verification key caching fix. [[GH-11784](https://github.com/hashicor bring in a verification key caching fix. [[GH-11784](https://github.com/hashic
p/vault/pull/11784)] orp/vault/pull/11784)]
* auth/kubernetes: Fix AliasLookahead to correctly extract ServiceAccount UID wh
en using ephemeral JWTs [[GH-12073](https://github.com/hashicorp/vault/pull/1207
3)]
* auth/ldap: Fix a bug where the LDAP auth method does not return the request_ti meout configuration parameter on config read. [[GH-11975](https://github.com/has hicorp/vault/pull/11975)] * auth/ldap: Fix a bug where the LDAP auth method does not return the request_ti meout configuration parameter on config read. [[GH-11975](https://github.com/has hicorp/vault/pull/11975)]
* cli: Add support for response wrapping in `vault list` and `vault kv list` wit h output format other than `table`. [[GH-12031](https://github.com/hashicorp/vau lt/pull/12031)] * cli: Add support for response wrapping in `vault list` and `vault kv list` wit h output format other than `table`. [[GH-12031](https://github.com/hashicorp/vau lt/pull/12031)]
* cli: vault delete and vault kv delete should support the same output options ( e.g. -format) as vault write. [[GH-11992](https://github.com/hashicorp/vault/pul l/11992)] * cli: vault delete and vault kv delete should support the same output options ( e.g. -format) as vault write. [[GH-11992](https://github.com/hashicorp/vault/pul l/11992)]
* core (enterprise): Fix orphan return value from auth methods executed on perfo rmance standby nodes. * core (enterprise): Fix orphan return value from auth methods executed on perfo rmance standby nodes.
* core (enterprise): Fix plugins mounted in namespaces being unable to use passw ord policies [[GH-11596](https://github.com/hashicorp/vault/pull/11596)] * core (enterprise): Fix plugins mounted in namespaces being unable to use passw ord policies [[GH-11596](https://github.com/hashicorp/vault/pull/11596)]
* core (enterprise): serialize access to HSM entropy generation to avoid errors in concurrent key generation.
* core/metrics: Add generic KV mount support for vault.kv.secret.count telemetry metric [[GH-12020](https://github.com/hashicorp/vault/pull/12020)] * core/metrics: Add generic KV mount support for vault.kv.secret.count telemetry metric [[GH-12020](https://github.com/hashicorp/vault/pull/12020)]
* core: Fix cleanup of storage entries from cubbyholes within namespaces. [[GH-1 1408](https://github.com/hashicorp/vault/pull/11408)] * core: Fix cleanup of storage entries from cubbyholes within namespaces. [[GH-1 1408](https://github.com/hashicorp/vault/pull/11408)]
* core: Fix edge cases in the configuration endpoint for barrier key autorotatio n. [[GH-11541](https://github.com/hashicorp/vault/pull/11541)] * core: Fix edge cases in the configuration endpoint for barrier key autorotatio n. [[GH-11541](https://github.com/hashicorp/vault/pull/11541)]
* core: Fix goroutine leak when updating rate limit quota [[GH-11371](https://gi thub.com/hashicorp/vault/pull/11371)] * core: Fix goroutine leak when updating rate limit quota [[GH-11371](https://gi thub.com/hashicorp/vault/pull/11371)]
* core: Fix race that allowed remounting on path used by another mount [[GH-1145 3](https://github.com/hashicorp/vault/pull/11453)] * core: Fix race that allowed remounting on path used by another mount [[GH-1145 3](https://github.com/hashicorp/vault/pull/11453)]
* core: Fix storage entry leak when revoking leases created with non-orphan batc h tokens. [[GH-11377](https://github.com/hashicorp/vault/pull/11377)] * core: Fix storage entry leak when revoking leases created with non-orphan batc h tokens. [[GH-11377](https://github.com/hashicorp/vault/pull/11377)]
* core: Fixed double counting of http requests after operator stepdown [[GH-1197 0](https://github.com/hashicorp/vault/pull/11970)] * core: Fixed double counting of http requests after operator stepdown [[GH-1197 0](https://github.com/hashicorp/vault/pull/11970)]
* core: correct logic for renewal of leases nearing their expiration time. [[GH- 11650](https://github.com/hashicorp/vault/pull/11650)] * core: correct logic for renewal of leases nearing their expiration time. [[GH- 11650](https://github.com/hashicorp/vault/pull/11650)]
* identity: Use correct mount accessor when refreshing external group membership s. [[GH-11506](https://github.com/hashicorp/vault/pull/11506)] * identity: Use correct mount accessor when refreshing external group membership s. [[GH-11506](https://github.com/hashicorp/vault/pull/11506)]
* mongo-db: default username template now strips invalid '.' characters [[GH-118 72](https://github.com/hashicorp/vault/pull/11872)] * mongo-db: default username template now strips invalid '.' characters [[GH-118 72](https://github.com/hashicorp/vault/pull/11872)]
* pki: Only remove revoked entry for certificates during tidy if they are past t heir NotAfter value [[GH-11367](https://github.com/hashicorp/vault/pull/11367)] * pki: Only remove revoked entry for certificates during tidy if they are past t heir NotAfter value [[GH-11367](https://github.com/hashicorp/vault/pull/11367)]
* replication: Fix panic trying to update walState during identity group invalid
ation.
* replication: Fix: mounts created within a namespace that was part of an Allow
filtering rule would not appear on performance secondary if created after rule
was defined.
* secret/pki: use case insensitive domain name comparison as per RFC1035 section 2.3.3 * secret/pki: use case insensitive domain name comparison as per RFC1035 section 2.3.3
* secret: fix the bug where transit encrypt batch doesn't work with key_version [[GH-11628](https://github.com/hashicorp/vault/pull/11628)] * secret: fix the bug where transit encrypt batch doesn't work with key_version [[GH-11628](https://github.com/hashicorp/vault/pull/11628)]
* secrets/ad: Forward all creds requests to active node [[GH-76](https://github. com/hashicorp/vault-plugin-secrets-ad/pull/76)] [[GH-11836](https://github.com/h ashicorp/vault/pull/11836)] * secrets/ad: Forward all creds requests to active node [[GH-76](https://github. com/hashicorp/vault-plugin-secrets-ad/pull/76)] [[GH-11836](https://github.com/h ashicorp/vault/pull/11836)]
* secrets/database/cassandra: Fixed issue where hostnames were not being validat ed when using TLS [[GH-11365](https://github.com/hashicorp/vault/pull/11365)] * secrets/database/cassandra: Fixed issue where hostnames were not being validat ed when using TLS [[GH-11365](https://github.com/hashicorp/vault/pull/11365)]
* secrets/database/cassandra: Fixed issue where the PEM parsing logic of `pem_bu ndle` and `pem_json` didn't work for CA-only configurations [[GH-11861](https:// github.com/hashicorp/vault/pull/11861)] * secrets/database/cassandra: Fixed issue where the PEM parsing logic of `pem_bu ndle` and `pem_json` didn't work for CA-only configurations [[GH-11861](https:// github.com/hashicorp/vault/pull/11861)]
* secrets/database/cassandra: Updated default statement for password rotation to allow for special characters. This applies to root and static credentials. [[GH -11262](https://github.com/hashicorp/vault/pull/11262)] * secrets/database/cassandra: Updated default statement for password rotation to allow for special characters. This applies to root and static credentials. [[GH -11262](https://github.com/hashicorp/vault/pull/11262)]
* secrets/database: Fix marshalling to allow providing numeric arguments to exte rnal database plugins. [[GH-11451](https://github.com/hashicorp/vault/pull/11451 )] * secrets/database: Fix marshalling to allow providing numeric arguments to exte rnal database plugins. [[GH-11451](https://github.com/hashicorp/vault/pull/11451 )]
* secrets/database: Fixed an issue that prevented external database plugin proce sses from restarting after a shutdown. [[GH-12087](https://github.com/hashicorp/ vault/pull/12087)]
* secrets/database: Fixed minor race condition when rotate-root is called [[GH-1 1600](https://github.com/hashicorp/vault/pull/11600)] * secrets/database: Fixed minor race condition when rotate-root is called [[GH-1 1600](https://github.com/hashicorp/vault/pull/11600)]
* secrets/database: Fixes issue for V4 database interface where `SetCredentials` wasn't falling back to using `RotateRootCredentials` if `SetCredentials` is `Un implemented` [[GH-11585](https://github.com/hashicorp/vault/pull/11585)] * secrets/database: Fixes issue for V4 database interface where `SetCredentials` wasn't falling back to using `RotateRootCredentials` if `SetCredentials` is `Un implemented` [[GH-11585](https://github.com/hashicorp/vault/pull/11585)]
* secrets/openldap: Fix bug where schema was not compatible with rotate-root [#2 4](https://github.com/hashicorp/vault-plugin-secrets-openldap/pull/24) [[GH-1201 9](https://github.com/hashicorp/vault/pull/12019)]
* storage/dynamodb: Handle throttled batch write requests by retrying, without w hich writes could be lost. [[GH-10181](https://github.com/hashicorp/vault/pull/1 0181)] * storage/dynamodb: Handle throttled batch write requests by retrying, without w hich writes could be lost. [[GH-10181](https://github.com/hashicorp/vault/pull/1 0181)]
* storage/raft: Support cluster address change for nodes in a cluster managed by autopilot [[GH-11247](https://github.com/hashicorp/vault/pull/11247)] * storage/raft: Support cluster address change for nodes in a cluster managed by autopilot [[GH-11247](https://github.com/hashicorp/vault/pull/11247)]
* storage/raft: Tweak creation of vault.db file [[GH-12034](https://github.com/h ashicorp/vault/pull/12034)] * storage/raft: Tweak creation of vault.db file [[GH-12034](https://github.com/h ashicorp/vault/pull/12034)]
* storage/raft: leader_tls_servername wasn't used unless leader_ca_cert_file and /or mTLS were configured. [[GH-11252](https://github.com/hashicorp/vault/pull/11 252)] * storage/raft: leader_tls_servername wasn't used unless leader_ca_cert_file and /or mTLS were configured. [[GH-11252](https://github.com/hashicorp/vault/pull/11 252)]
* tokenutil: Perform the num uses check before token type. [[GH-11647](https://g ithub.com/hashicorp/vault/pull/11647)] * tokenutil: Perform the num uses check before token type. [[GH-11647](https://g ithub.com/hashicorp/vault/pull/11647)]
* transform (enterprise): Fix an issue with malformed transform configuration * transform (enterprise): Fix an issue with malformed transform configuration
storage when upgrading from 1.5 to 1.6. See Upgrade Notes for 1.6.x. storage when upgrading from 1.5 to 1.6. See Upgrade Notes for 1.6.x.
* ui: Add role from database connection automatically populates the database for
new role [[GH-11119](https://github.com/hashicorp/vault/pull/11119)]
* ui: Add root rotation statements support to appropriate database secret engine plugins [[GH-11404](https://github.com/hashicorp/vault/pull/11404)] * ui: Add root rotation statements support to appropriate database secret engine plugins [[GH-11404](https://github.com/hashicorp/vault/pull/11404)]
* ui: Automatically refresh the page when user logs out [[GH-12035](https://gith
ub.com/hashicorp/vault/pull/12035)]
* ui: Fix Version History queryParams on LinkedBlock [[GH-12079](https://github.
com/hashicorp/vault/pull/12079)]
* ui: Fix bug where database secret engines with custom names cannot delete conn
ections [[GH-11127](https://github.com/hashicorp/vault/pull/11127)]
* ui: Fix bug where the UI does not recognize version 2 KV until refresh, and fi x [object Object] error message [[GH-11258](https://github.com/hashicorp/vault/p ull/11258)] * ui: Fix bug where the UI does not recognize version 2 KV until refresh, and fi x [object Object] error message [[GH-11258](https://github.com/hashicorp/vault/p ull/11258)]
* ui: Fix database role CG access [[GH-12111](https://github.com/hashicorp/vault
/pull/12111)]
* ui: Fix date display on expired token notice [[GH-11142](https://github.com/ha
shicorp/vault/pull/11142)]
* ui: Fix entity group membership and metadata not showing [[GH-11641](https://g ithub.com/hashicorp/vault/pull/11641)] * ui: Fix entity group membership and metadata not showing [[GH-11641](https://g ithub.com/hashicorp/vault/pull/11641)]
* ui: Fix error message caused by control group [[GH-11143](https://github.com/h ashicorp/vault/pull/11143)] * ui: Fix error message caused by control group [[GH-11143](https://github.com/h ashicorp/vault/pull/11143)]
* ui: Fix footer URL linking to the correct version changelog. [[GH-11283](https ://github.com/hashicorp/vault/pull/11283)] * ui: Fix footer URL linking to the correct version changelog. [[GH-11283](https ://github.com/hashicorp/vault/pull/11283)]
* ui: Fix issue where logging in without namespace input causes error [[GH-11094 ](https://github.com/hashicorp/vault/pull/11094)]
* ui: Fix namespace-bug on login [[GH-11182](https://github.com/hashicorp/vault/ pull/11182)] * ui: Fix namespace-bug on login [[GH-11182](https://github.com/hashicorp/vault/ pull/11182)]
* ui: Fix status menu no showing on login [[GH-11213](https://github.com/hashico rp/vault/pull/11213)] * ui: Fix status menu no showing on login [[GH-11213](https://github.com/hashico rp/vault/pull/11213)]
* ui: Fix text link URL on database roles list [[GH-11597](https://github.com/ha shicorp/vault/pull/11597)] * ui: Fix text link URL on database roles list [[GH-11597](https://github.com/ha shicorp/vault/pull/11597)]
* ui: Fixed and updated lease renewal picker [[GH-11256](https://github.com/hash icorp/vault/pull/11256)] * ui: Fixed and updated lease renewal picker [[GH-11256](https://github.com/hash icorp/vault/pull/11256)]
* ui: fix control group access for database credential [[GH-12024](https://githu b.com/hashicorp/vault/pull/12024)] * ui: fix control group access for database credential [[GH-12024](https://githu b.com/hashicorp/vault/pull/12024)]
* ui: fix issue where select-one option was not showing in secrets database role creation [[GH-11294](https://github.com/hashicorp/vault/pull/11294)] * ui: fix issue where select-one option was not showing in secrets database role creation [[GH-11294](https://github.com/hashicorp/vault/pull/11294)]
* ui: fix oidc login with Safari [[GH-11884](https://github.com/hashicorp/vault/ pull/11884)] * ui: fix oidc login with Safari [[GH-11884](https://github.com/hashicorp/vault/ pull/11884)]
## 1.7.3 ## 1.7.3
## 1.7.3
### June 16th, 2021 ### June 16th, 2021
CHANGES: CHANGES:
* go: Update go version to 1.15.13 [[GH-11857](https://github.com/hashicorp/vaul t/pull/11857)] * go: Update go version to 1.15.13 [[GH-11857](https://github.com/hashicorp/vaul t/pull/11857)]
IMPROVEMENTS: IMPROVEMENTS:
* db/cassandra: Added tls_server_name to specify server name for TLS validation [[GH-11820](https://github.com/hashicorp/vault/pull/11820)] * db/cassandra: Added tls_server_name to specify server name for TLS validation [[GH-11820](https://github.com/hashicorp/vault/pull/11820)]
* ui: Add specific error message if unseal fails due to license [[GH-11705](http s://github.com/hashicorp/vault/pull/11705)] * ui: Add specific error message if unseal fails due to license [[GH-11705](http s://github.com/hashicorp/vault/pull/11705)]
 End of changes. 26 change blocks. 
48 lines changed or deleted 111 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)