$npx -y @buildinternet/releases show rel_tqP5k4yNNUU7-KsEipHFk
1.17.6
September 25, 2024
CHANGES:
core: Bump Go version to 1.22.7
secrets/ldap: Update vault-plugin-secrets-openldap to v0.13.1 [GH-28478]
secrets/ssh: Add a flag, allow_empty_principals to allow keys or certs to apply to any user/principal. [GH-28466]
IMPROVEMENTS:
audit: Internal implementation changes to the audit subsystem which improve relability. [GH-28286]
ui: Remove deprecated current_billing_period from dashboard activity log request [GH-27559]
BUG FIXES:
auth/aws: Fixed potential panic after step-down and the queue has not repopulated. [GH-28330]
auth/cert: During certificate validation, OCSP requests are debug logged even if Vault's log level is above DEBUG. [GH-28450]
auth/cert: ocsp_ca_certificates field was not honored when validating OCSP responses signed by a CA that did not issue the certificate. [GH-28309]
auth: Updated error handling for missing login credentials in AppRole and UserPass auth methods to return a 400 error instead of a 500 error. [GH-28441]
core: Fixed an issue where maximum request duration timeout was not being added to all requests containing strings sys/monitor and sys/events. With this change, timeout is now added to all requests except monitor and events endpoint. [GH-28230]
proxy/cache (enterprise): Fixed a data race that could occur while tracking capabilities in Proxy's static secret cache. [GH-28494]
secrets-sync (enterprise): Secondary nodes in a cluster now properly check activation-flags values.
secrets-sync (enterprise): Validate corresponding GitHub app parameters app_name and installation_id are set