v1.7.10

backport of commit 687bb1c3cfdedf8be53deda85040676005a3db50 (#14283)

Co-authored-by: Sarah <[email protected]>

v1.9.3

1.9.3

January 27, 2022

IMPROVEMENTS:

• auth/kubernetes: Added support for dynamically reloading short-lived tokens for better Kubernetes 1.21+ compatibility [GH-13698]
• auth/ldap: Add username to alias metadata [GH-13669]
• core/identity: Support updating an alias' custom_metadata to be empty. [GH-13395]
• core: Fixes code scanning alerts [GH-13667]
• http (enterprise): Serve /sys/license/status endpoint within namespaces

BUG FIXES:

• auth/oidc: Fixes OIDC auth from the Vault UI when using the implicit flow and form_post response mode. [GH-13492]
• cli: Fix using kv patch with older server versions that don't support HTTP PATCH. [GH-13615]
• core (enterprise): Workaround AWS CloudHSM v5 SDK issue not allowing read-only sessions
• core/identity: Address a data race condition between local updates to aliases and invalidations [GH-13476]
• core: add support for go-sockaddr templates in the top-level cluster_addr field [GH-13678]
• identity/oidc: Check for a nil signing key on rotation to prevent panics. [GH-13716]
• kmip (enterprise): Fix locate by name operations fail to find key after a rekey operation.
• secrets/database/mssql: Accept a boolean for contained_db, rather than just a string. [GH-13469]
• secrets/gcp: Fixes role bindings for BigQuery dataset resources. [GH-13548]
• secrets/pki: Fix regression causing performance secondaries to forward certificate generation to the primary. [GH-13759]
• storage/raft: On linux, use map_populate for bolt files to improve startup time. [GH-13573]
• storage/raft: Units for bolt metrics now given in milliseconds instead of nanoseconds [GH-13749]
• ui: Fixes breadcrumb bug for secrets navigation [GH-13604]
• ui: Fixes issue saving KMIP role correctly [GH-13585]

v1.8.8

1.8.8

January 27, 2022

IMPROVEMENTS:

• core: Fixes code scanning alerts [GH-13667]

BUG FIXES:

• auth/oidc: Fixes OIDC auth from the Vault UI when using the implicit flow and form_post response mode. [GH-13494]
• core (enterprise): Workaround AWS CloudHSM v5 SDK issue not allowing read-only sessions
• kmip (enterprise): Fix locate by name operations fail to find key after a rekey operation.
• secrets/gcp: Fixes role bindings for BigQuery dataset resources. [GH-13549]
• secrets/pki: Fix regression causing performance secondaries to forward certificate generation to the primary. [GH-13759]
• secrets/pki: Fix regression causing performance secondaries to forward certificate generation to the primary. [GH-2456]
• storage/raft: Fix issues allowing invalid nodes to become leadership candidates. [GH-13703]
• storage/raft: On linux, use map_populate for bolt files to improve startup time. [GH-13573]
• storage/raft: Units for bolt metrics now given in milliseconds instead of nanoseconds [GH-13749]
• ui: Fixes breadcrumb bug for secrets navigation [GH-13604]
• ui: Fixes issue saving KMIP role correctly [GH-13585]

v1.7.9

1.7.9

January 27, 2022

IMPROVEMENTS:

• core: Fixes code scanning alerts [GH-13667]

BUG FIXES:

• auth/oidc: Fixes OIDC auth from the Vault UI when using the implicit flow and form_post response mode. [GH-13493]
• secrets/gcp: Fixes role bindings for BigQuery dataset resources. [GH-13735]
• ui: Fixes breadcrumb bug for secrets navigation [GH-13604]
• ui: Fixes issue saving KMIP role correctly [GH-13585]

v1.9.2

1.9.2

December 21, 2021

CHANGES:

• go: Update go version to 1.17.5 [GH-13408]

IMPROVEMENTS:

• auth/jwt: The Authorization Code flow makes use of the Proof Key for Code Exchange (PKCE) extension. [GH-13365]

BUG FIXES:

• ui: Fix client count current month data not showing unless monthly history data exists [GH-13396]

v1.8.7

1.8.7

December 21, 2021

CHANGES:

• go: Update go version to 1.16.12 [GH-13422]

v1.7.8

1.7.8

December 21, 2021

CHANGES:

• go: Update go version to 1.16.12 [GH-13422]

BUG FIXES:

• auth/aws: Fixes ec2 login no longer supporting DSA signature verification [GH-12340]
• identity: Fix a panic on arm64 platform when doing identity I/O. [GH-12371]

v1.9.1

1.9.1

December 9, 2021

IMPROVEMENTS:

• storage/aerospike: Upgrade aerospike-client-go to v5.6.0. [GH-12165]

BUG FIXES:

• auth/approle: Fix regression where unset cidrlist is returned as nil instead of zero-length array. [GH-13235]
• ha (enterprise): Prevents performance standby nodes from serving and caching stale data immediately after performance standby election completes
• http:Fix /sys/monitor endpoint returning streaming not supported [GH-13200]
• identity/oidc: Make the nonce parameter optional for the Authorization Endpoint of OIDC providers. [GH-13231]
• identity: Fixes a panic in the OIDC key rotation due to a missing nil check. [GH-13298]
• sdk/queue: move lock before length check to prevent panics. [GH-13146]
• secrets/azure: Fixes service principal generation when assigning roles that have DataActions. [GH-13277]
• secrets/pki: Recognize ed25519 when requesting a response in PKCS8 format [GH-13257]
• storage/raft: Fix a panic when trying to store a key > 32KB in a transaction. [GH-13286]
• storage/raft: Fix a panic when trying to write a key > 32KB [GH-13282]
• ui: Do not show verify connection value on database connection config page [GH-13152]
• ui: Fixes issue restoring raft storage snapshot [GH-13107]
• ui: Fixes issue with OIDC auth workflow when using MetaMask Chrome extension [GH-13133]
• ui: Fixes issue with automate secret deletion value not displaying initially if set in secret metadata edit view [GH-13177]
• ui: Fixes issue with placeholder not displaying for automatically deleted secrets when deletion time has passed [GH-13166]
• ui: Fixes node-forge error when parsing EC (elliptical curve) certs [GH-13238]

v1.8.6

1.8.6

December 9, 2021

CHANGES:

• go: Update go version to 1.16.9 [GH-13029]

BUG FIXES:

• ha (enterprise): Prevents performance standby nodes from serving and caching stale data immediately after performance standby election completes
• storage/raft: Fix a panic when trying to store a key > 32KB in a transaction. [GH-13286]
• storage/raft: Fix a panic when trying to write a key > 32KB [GH-13282]
• ui: Adds pagination to auth methods list view [GH-13054]
• ui: Do not show verify connection value on database connection config page [GH-13152]
• ui: Fixes issue restoring raft storage snapshot [GH-13107]
• ui: Fixes issue with OIDC auth workflow when using MetaMask Chrome extension [GH-13133]
• ui: Fixes issue with the number of PGP Key inputs not matching the key shares number in the initialization form on change [GH-13038]

v1.7.7

1.7.7

December 9, 2021

BUG FIXES:

• ha (enterprise): Prevents performance standby nodes from serving and caching stale data immediately after performance standby election completes
• storage/raft: Fix a panic when trying to store a key > 32KB in a transaction. [GH-13286]
• storage/raft: Fix a panic when trying to write a key > 32KB [GH-13282]
• ui: Fixes issue restoring raft storage snapshot [GH-13107]
• ui: Fixes issue with OIDC auth workflow when using MetaMask Chrome extension [GH-13133]
• ui: Fixes issue with the number of PGP Key inputs not matching the key shares number in the initialization form on change [GH-13038]