Vault 1.13.2, 1.12.6 and 1.11.10 released!

19 views
Skip to first unread message

Cinthia Vanni

unread,
Apr 27, 2023, 11:10:08 AM4/27/23
to HashiCorp Announcements

Hi folks,


The Vault team is announcing the release of Vault 1.13.2, as well as 1.12.6, and 1.11.10!


Open-source binaries can be downloaded at [1, 10, 11]. Enterprise binaries are available to customers as well.


As a reminder, if you believe you have found a security issue in Vault, please responsibly disclose by emailing secu...@hashicorp.com and do not use the public issue tracker. Our security policy and our PGP key can be found at [2].


The major features and improvements in the 1.13.2 release are:

  • AWS Secrets Engine: Fixed a known issue in 1.13.0 and 1.13.1 where STS credentials generated by the engine did not return a `lease_duration`. This value has been re-introduced in 1.13.2

  • Cert: Fixed OCSP signature verification failure against Vault PKI OCSP responders.

  • HTTP 412 Responses: We addressed some issues where Vault was returning 412 error codes unexpectedly.

  • Integrated Storage: We fixed a bug where dead server cleanup would sometimes prune servers that were still joining the cluster.

  • KMIP: Fixed a problem decrypting with keys that have no Process Start Date attribute.

  • LDAP Auth Method: Added a `connection_timeout` configuration parameter to control client timeout on dial requests made by the plugin against LDAP servers.

  • PKI: Fixed issues with cross-cluster revocation and unified CRLs on existing mounts after unseal.

  • UI: We included the ability to dismiss a license expiration banner.


See the Changelog at [3] for the full list of improvements and bug fixes.


See the Feature Deprecation Notice and Plans page [7] for our upcoming feature deprecation plans.


Note: Upcoming in Vault 1.14 we will stop publishing official Dockerhub images and publish only our Verified Publisher images. Users of Docker images should pull from “hashicorp/vault” instead of “vault”.


OSS [5] and Enterprise [6] Docker images will be available soon.


---


Upgrading


See [4] for general upgrade instructions, and [9] for upgrade instructions and known issues for 1.13.


As always, we recommend upgrading and testing this release in an isolated environment. If you experience any non-security issues, please report them on the Vault GitHub issue tracker or post to the Vault Discuss Forum at [8].


We hope you enjoy Vault 1.13.2!


Sincerely, The Vault Team


[1] https://releases.hashicorp.com/vault/1.13.2

[2] https://www.hashicorp.com/security

[3] https://github.com/hashicorp/vault/blob/main/CHANGELOG.md#1132

[4] https://www.vaultproject.io/docs/upgrading

[5] https://hub.docker.com/r/hashicorp/vault

[6] https://hub.docker.com/r/hashicorp/vault-enterprise

[7] https://vaultproject.io/docs/deprecation

[8] https://discuss.hashicorp.com/c/vault

[9] https://www.vaultproject.io/docs/upgrading

[10] https://releases.hashicorp.com/vault/1.12.6

[11] https://releases.hashicorp.com/vault/1.11.10
Reply all
Reply to author
Forward
0 new messages