Closed renovate[bot] closed 2 years ago
Merging #208 (53624d5) into master (38238de) will not change coverage. The diff coverage is
n/a
.
@@ Coverage Diff @@
## master #208 +/- ##
=======================================
Coverage 64.40% 64.40%
=======================================
Files 11 11
Lines 559 559
=======================================
Hits 360 360
Misses 132 132
Partials 67 67
Continue to review full report at Codecov.
Legend - Click here to learn more
Ξ = absolute <relative> (impact)
,ΓΈ = not affected
,? = missing data
Powered by Codecov. Last update 38238de...53624d5. Read the comment docs.
This PR contains the following updates:
v1.7.1
->v1.7.2
Release Notes
hashicorp/vault
### [`v1.7.2`](https://togithub.com/hashicorp/vault/releases/tag/v1.7.2) [Compare Source](https://togithub.com/hashicorp/vault/compare/v1.7.1...v1.7.2) #### 1.7.2 ##### May 20th, 2021 SECURITY: - Non-Expiring Leases: Vault and Vault Enterprise renewed nearly-expiring token leases and dynamic secret leases with a zero-second TTL, causing them to be treated as non-expiring, and never revoked. This issue affects Vault and Vault Enterprise versions 0.10.0 through 1.7.1, and is fixed in 1.5.9, 1.6.5, and 1.7.2 (CVE-2021-32923). CHANGES: - agent: Update to use IAM Service Account Credentials endpoint for signing JWTs when using GCP Auto-Auth method \[[GH-11473](https://togithub.com/hashicorp/vault/pull/11473)] - auth/gcp: Update to v0.9.1 to use IAM Service Account Credentials API for signing JWTs \[[GH-11494](https://togithub.com/hashicorp/vault/pull/11494)] IMPROVEMENTS: - api, agent: LifetimeWatcher now does more retries when renewal failures occur. This also impacts Agent auto-auth and leases managed via Agent caching. \[[GH-11445](https://togithub.com/hashicorp/vault/pull/11445)] - auth/aws: Underlying error included in validation failure message. \[[GH-11638](https://togithub.com/hashicorp/vault/pull/11638)] - http: Add optional HTTP response headers for hostname and raft node ID \[[GH-11289](https://togithub.com/hashicorp/vault/pull/11289)] - secrets/aws: add ability to provide a role session name when generating STS credentials \[[GH-11345](https://togithub.com/hashicorp/vault/pull/11345)] - secrets/database/mongodb: Add ability to customize `SocketTimeout`, `ConnectTimeout`, and `ServerSelectionTimeout` \[[GH-11600](https://togithub.com/hashicorp/vault/pull/11600)] - secrets/database/mongodb: Increased throughput by allowing for multiple request threads to simultaneously update users in MongoDB \[[GH-11600](https://togithub.com/hashicorp/vault/pull/11600)] BUG FIXES: - agent/cert: Fix issue where the API client on agent was not honoring certificate information from the auto-auth config map on renewals or retries. \[[GH-11576](https://togithub.com/hashicorp/vault/pull/11576)] - agent: Fixed agent templating to use configured tls servername values \[[GH-11288](https://togithub.com/hashicorp/vault/pull/11288)] - core (enterprise): Fix plugins mounted in namespaces being unable to use password policies \[[GH-11596](https://togithub.com/hashicorp/vault/pull/11596)] - core: correct logic for renewal of leases nearing their expiration time. \[[GH-11650](https://togithub.com/hashicorp/vault/pull/11650)] - identity: Use correct mount accessor when refreshing external group memberships. \[[GH-11506](https://togithub.com/hashicorp/vault/pull/11506)] - replication: Fix panic trying to update walState during identity group invalidation. \[[GH-1865](https://togithub.com/hashicorp/vault/pull/1865)] - secrets/database: Fix marshalling to allow providing numeric arguments to external database plugins. \[[GH-11451](https://togithub.com/hashicorp/vault/pull/11451)] - secrets/database: Fixed minor race condition when rotate-root is called \[[GH-11600](https://togithub.com/hashicorp/vault/pull/11600)] - secrets/database: Fixes issue for V4 database interface where `SetCredentials` wasn't falling back to using `RotateRootCredentials` if `SetCredentials` is `Unimplemented` \[[GH-11585](https://togithub.com/hashicorp/vault/pull/11585)] - secrets/keymgmt (enterprise): Fixes audit logging for the read key response. - storage/raft: Support cluster address change for nodes in a cluster managed by autopilot \[[GH-11247](https://togithub.com/hashicorp/vault/pull/11247)] - ui: Fix entity group membership and metadata not showing \[[GH-11641](https://togithub.com/hashicorp/vault/pull/11641)] - ui: Fix text link URL on database roles list \[[GH-11597](https://togithub.com/hashicorp/vault/pull/11597)]Configuration
π Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
π¦ Automerge: Enabled.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.