$npx -y @buildinternet/releases show rel_dI5vKoIW84UHAHAcSX9yT
1.15.6
February 29, 2024
SECURITY:
auth/cert: compare public keys of trusted non-CA certificates with incoming
client certificates to prevent trusting certs with the same serial number
but not the same public/private key. [GH-25649]
CHANGES:
core: Bump Go version to 1.21.7.
secrets/openldap: Update plugin to v0.12.1 [GH-25524]
FEATURES:
Manual License Utilization Reporting: Added manual license
utilization reporting, which allows users to create manual exports of product-license [metering
data] to report to Hashicorp.
IMPROVEMENTS:
auth/cert: Cache trusted certs to reduce memory usage and improve performance of logins. [GH-25421]
ui: Add deletion_allowed param to transformations and include tokenization as a type option [GH-25436]
ui: redirect back to current route after reauthentication when token expires [GH-25335]
ui: remove unnecessary OpenAPI calls for unmanaged auth methods [GH-25364]
BUG FIXES:
agent: Fix issue where Vault Agent was unable to render KVv2 secrets with delete_version_after set. [GH-25387]
audit: Handle a potential panic while formatting audit entries for an audit log [GH-25605]
core (enterprise): Fix a deadlock that can occur on performance secondary clusters when there are many mounts and a mount is deleted or filtered [GH-25448]
core (enterprise): Fix a panic that can occur if only one seal exists but is unhealthy on the non-first restart of Vault.
core/quotas: Deleting a namespace that contains a rate limit quota no longer breaks replication [GH-25439]
openapi: Fixing response fields for rekey operations [GH-25509]
secrets/transit: When provided an invalid input with hash_algorithm=none, a lock was not released properly before reporting an error leading to deadlocks on a subsequent key configuration update. [GH-25336]
storage/file: Fixing spuriously deleting storage keys ending with .temp [GH-25395]
transform (enterprise): guard against a panic looking up a token in exportable mode with barrier storage.
ui: Do not disable JSON display toggle for KV version 2 secrets [GH-25235]
ui: Do not show resultant-acl banner on namespaces a user has access to [GH-25256]
ui: Fix copy button not working on masked input when value is not a string [GH-25269]
ui: Update the KV secret data when you change the version you're viewing of a nested secret. [GH-25152]