Hi folks,
The Vault team is happy to announce the release of Vault 1.6.4!
There
is security content pertaining to the PKI CRL and Cassandra Database
and Storage backends in this release; see the SECURITY section of the
Changelog at [3] for details.
Open-source binaries can be downloaded at [1]. Enterprise binaries are available to customers as well.
As a reminder, if you believe you have found a security issue in Vault, please responsibly disclose by emailing
secu...@hashicorp.com and do not use the public issue tracker. Our security policy and our PGP key can be found at [2].
The key fixes and improvements in this release are:
- Core: Add a "tls_max_version" listener config option
- Storage: Fix the cleanup of storage entries from cubbyholes within namespaces
- Identity: Fix a potential deadlock in the entity merge endpoint
- Replication: Fix a bug where mounts created within a namespace might not appear on performance secondaries
See the Changelog at [3] for the full list of improvements and bug fixes.
OSS [5] and Enterprise [6] Docker images will be available soon.
---
Upgrading
See [4] for general upgrade instructions.
As
always, we recommend upgrading and testing this release in an isolated
environment. If you experience any non-security issues, please report
them on the Vault GitHub issue tracker or post to the Vault Discuss
Forum at [7].
We hope you enjoy Vault 1.6.4!
Sincerely, The Vault Team
[1]
https://releases.hashicorp.com/vault/1.6.4[2]
https://www.hashicorp.com/security[3]
https://github.com/hashicorp/vault/blob/master/CHANGELOG.md#164[4]
https://www.vaultproject.io/docs/upgrading[5]
https://hub.docker.com/_/vault[6]
https://hub.docker.com/r/hashicorp/vault-enterprise[7]
https://discuss.hashicorp.com/c/vault