morningconsult / docker-credential-vault-login

Automatically gets docker credentials from Hashicorp Vault
Apache License 2.0

chore(deps): bump github.com/hashicorp/vault from 1.7.0 to 1.7.1 #68

Closed dependabot[bot] closed 3 years ago

dependabot[bot] commented 3 years ago

Bumps github.com/hashicorp/vault from 1.7.0 to 1.7.1.

Release notes

Sourced from github.com/hashicorp/vault's releases.

v1.7.1

Release vault 1.7.1

Changelog

Sourced from github.com/hashicorp/vault's changelog.

1.7.1

21 April 2021

SECURITY:

  • The PKI Secrets Engine tidy functionality may cause Vault to exclude revoked-but-unexpired certificates from the Vault CRL. This vulnerability affects Vault and Vault Enterprise 1.5.1 and newer and was fixed in versions 1.5.8, 1.6.4, and 1.7.1. (CVE-2021-27668)
  • The Cassandra Database and Storage backends were not correctly verifying TLS certificates. This issue affects all versions of Vault and Vault Enterprise and was fixed in versions 1.6.4 and 1.7.1. (CVE-2021-27400)

CHANGES:

IMPROVEMENTS:

  • auth/jwt: Adds ability to directly provide service account JSON in G Suite provider config. [GH-11388]
  • core: Add tls_max_version listener config option. [GH-11226]
  • core: Add metrics for standby node forwarding. [GH-11366]
  • core: allow arbitrary length stack traces upon receiving SIGUSR2 (was 32MB) [GH-11364]

BUG FIXES:

  • core: Fix cleanup of storage entries from cubbyholes within namespaces. [GH-11408]
  • core: Fix goroutine leak when updating rate limit quota [GH-11371]
  • core: Fix storage entry leak when revoking leases created with non-orphan batch tokens. [GH-11377]
  • core: requests forwarded by standby weren't always timed out. [GH-11322]
  • pki: Only remove revoked entry for certificates during tidy if they are past their NotAfter value [GH-11367]
  • replication: Fix: mounts created within a namespace that was part of an Allow filtering rule would not appear on performance secondary if created after rule was defined. [GH-1807]
  • replication: Perf standby nodes on newly enabled DR secondary sometimes couldn't connect to active node with TLS errors. [GH-1823]
  • secrets/database/cassandra: Fixed issue where hostnames were not being validated when using TLS [GH-11365]
  • secrets/database/cassandra: Updated default statement for password rotation to allow for special characters. This applies to root and static credentials. [GH-11262]
  • storage/dynamodb: Handle throttled batch write requests by retrying, without which writes could be lost. [GH-10181]
  • storage/raft: leader_tls_servername wasn't used unless leader_ca_cert_file and/or mTLS were configured. [GH-11252]
  • ui: Add root rotation statements support to appropriate database secret engine plugins [GH-11404]
  • ui: Fix bug where the UI does not recognize version 2 KV until refresh, and fix [object Object] error message [GH-11258]
  • ui: Fix footer URL linking to the correct version changelog. [GH-11283]
  • ui: Fix namespace-bug on login [GH-11182]
  • ui: Fix status menu not showing on login [GH-11213]
  • ui: fix issue where select-one option was not showing in secrets database role creation [GH-11294]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually.