The Vault team is announcing the release of Vault 1.13.1, as well as 1.12.5, and 1.11.9!
Open-source binaries can be downloaded at [1, 10, 11]. Enterprise binaries are available to customers as well.
As a reminder, if you believe you have found a security issue in Vault, please responsibly disclose by emailing secu...@hashicorp.com and do not use the public issue tracker. Our security policy and our PGP key can be found at .
The major features and improvements in the 1.13.1 release are:
ADP Transform: Fixed loss of intermediate key versions under a specific scenario where config is changed and a restart or leader change occurs followed by a key rotation.
Vault as an Software Security Module (SSM): Release of version 0.2.0 of the PKCS#11 Vault Provider  that includes mechanisms for encryption, decryption, signing and verification for AES and RSA keys.
See the Changelog at  for the full list of improvements and bug fixes.
See the Feature Deprecation Notice and Plans page  for our upcoming feature deprecation plans.
Note: Upcoming in Vault 1.14 we will stop publishing official Dockerhub images and publish only our Verified Publisher images. Users of Docker images should pull from “hashicorp/vault” instead of “vault”.
OSS  and Enterprise  Docker images will be available soon.
See  for general upgrade instructions, and  for upgrade instructions and known issues for 1.13.
As always, we recommend upgrading and testing this release in an isolated environment. If you experience any non-security issues, please report them on the Vault GitHub issue tracker or post to the Vault Discuss Forum at .
We hope you enjoy Vault 1.13.1!
Sincerely, The Vault Team