core (enterprise): Ensure Role Governing Policies are only applied down the namespace hierarchy
core/namespace (enterprise): Introduce the concept of high-privilege namespace (administrative namespace),
which will have access to some system backend paths that were previously only accessible in the root namespace. [GH-21215]
core: Bump Go version to 1.21.1.
database/couchbase: Update plugin to v0.9.3 [GH-22854]
database/couchbase: Update plugin to v0.9.4 [GH-22871]
database/elasticsearch: Update plugin to v0.13.3 [GH-22696]
database/mongodbatlas: Update plugin to v0.10.1 [GH-22655]
database/redis-elasticache: Update plugin to v0.2.2 [GH-22584]
database/redis-elasticache: Update plugin to v0.2.3 [GH-22598]
database/redis: Update plugin to v0.2.2 [GH-22654]
database/snowflake: Update plugin to v0.9.0 [GH-22516]
events: Log level for processing an event dropped from info to debug. [GH-22997]
events: data_path will include full data path of secret, including name. [GH-22487]
replication (enterprise): Switch to non-deprecated gRPC field for resolver target host
sdk/logical/events: EventSender interface method is now SendEvent instead of Send. [GH-22487]
secrets/transit: fix a regression that was honoring nonces provided in non-convergent modes during encryption. This vulnerability, CVE-2023-4680, is fixed in Vault 1.14.3, 1.13.7, and 1.12.11. [GH-22852, HSEC-2023-28]
sentinel (enterprise): Sentinel RGP policies allowed for cross-namespace denial-of-service. This vulnerability, CVE-2023-3775, is fixed in Vault Enterprise 1.15.0, 1.14.4, and 1.13.8.[HSEC-2023-29]
CHANGES:
auth/alicloud: Update plugin to v0.16.0 [GH-22646]
core (enterprise): Ensure Role Governing Policies are only applied down the namespace hierarchy
core/namespace (enterprise): Introduce the concept of high-privilege namespace (administrative namespace),
which will have access to some system backend paths that were previously only accessible in the root namespace. [GH-21215]
core: Bump Go version to 1.21.1.
database/couchbase: Update plugin to v0.9.3 [GH-22854]
database/couchbase: Update plugin to v0.9.4 [GH-22871]
database/elasticsearch: Update plugin to v0.13.3 [GH-22696]
database/mongodbatlas: Update plugin to v0.10.1 [GH-22655]
database/redis-elasticache: Update plugin to v0.2.2 [GH-22584]
database/redis-elasticache: Update plugin to v0.2.3 [GH-22598]
database/redis: Update plugin to v0.2.2 [GH-22654]
database/snowflake: Update plugin to v0.9.0 [GH-22516]
events: Log level for processing an event dropped from info to debug. [GH-22997]
events: data_path will include full data path of secret, including name. [GH-22487]
replication (enterprise): Switch to non-deprecated gRPC field for resolver target host
sdk/logical/events: EventSender interface method is now SendEvent instead of Send. [GH-22487]
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps github.com/hashicorp/vault/api from 1.14.0 to 1.15.0.
Release notes
Sourced from github.com/hashicorp/vault/api's releases.
... (truncated)
Changelog
Sourced from github.com/hashicorp/vault/api's changelog.
... (truncated)
Commits
b4d0727backport of commit 771470c28f099c2af5342c76d94716d45aa6887e (#23012)f8da51cbackport of commit 88ed074287d99da0e298589c5236fa094f770b08 (#23263)9e00b34backport of commit ac9f411949b57669884157a6b6239cb586023175 (#23259)20af1ebbackport of commit 036cbcebd9c5669edbb4519c68cc56f8b83f12d6 (#23258)99b916abackport of commit 8924f9592d9ff6013c11d5459c376a90908a3c4c (#23257)4e439e0backport of commit 1d61aeb8aebc96eecbb6a35e10bd914b4d0f41f4 (#23249)565427abackport of commit 1e76ad42ef4221cb8a58e050d2edbfc552a878a0 (#23247)6fafd52backport: Support mlock and custom tmpdir for containerized plugins (#23215) ...d3927bcBackport UI: Add pagination to new PKI (#23238)5603003backport of commit 68dd82c902ecf4487d9c17729527da9befb81a7f (#23246)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show