core (enterprise): Fix some races in merkle index flushing code found in testing
core: Increase the allowed concurrent gRPC streams over the cluster port. [GH-16327]
database: Invalidate queue should cancel context first to avoid deadlock [GH-15933]
secrets/database: Fix a bug where the secret engine would queue up a lot of WAL deletes during startup. [GH-16686]
ui: Fix OIDC callback to accept namespace flag in different formats [GH-16886]
ui: Fix issue logging in with JWT auth method [GH-16466]
SECURITY:
identity/entity: When entity aliases mapped to a single entity share the same alias name, but have different mount accessors, Vault can leak metadata between the aliases. This metadata leak may result in unexpected access if templated policies are using alias metadata for path names. [HCSEC-2022-18]
1.9.8
July 21, 2022
CHANGES:
core: Bump Go version to 1.17.12.
IMPROVEMENTS:
secrets/ssh: Allow additional text along with a template definition in defaultExtension value fields. [GH-16018]
BUG FIXES:
core/identity: Replicate member_entity_ids and policies in identity/group across nodes identically [GH-16088]
core/replication (enterprise): Don't flush merkle tree pages to disk after losing active duty
core/seal: Fix possible keyring truncation when using the file backend. [GH-15946]
storage/raft (enterprise): Prevent unauthenticated voter status change with rejoin [GH-16324]
transform (enterprise): Fix a bug in the handling of nested or unmatched capture groups in FPE transformations.
ui: Fix issue where metadata tab is hidden even though policy grants access [GH-15824]
ui: Updated leasId to leaseId in the "Copy Credentials" section of "Generate AWS Credentials" [GH-15685]
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/renard/papersave/network/alerts).
Bumps github.com/hashicorp/vault from 1.3.2 to 1.9.9.
Release notes
Sourced from github.com/hashicorp/vault's releases.
... (truncated)
Changelog
Sourced from github.com/hashicorp/vault's changelog.
... (truncated)
Commits
- 9c11f0a Backport of UI/OIDC auth bug for hcp namespace flag into release/1.9.x (#16909)
- f128cbd backport of commit 247a019be0ace89bfa3cdc54c0294829bf390ef0 (#16885)
- d651606 Update 1.9.x go 1.17.13 (#16836)
- f788761 backport of commit bab106359351d060e8691b8b7ebd1a21b72bdfbe (#16841)
- 899c297 Typo: Corrected same typo in 2 locations (on-premise to on-premises) (#13402)...
- 5395ad5 backport of commit 8c6c586a529df4504d4291c3ec8cd5563cc137c7 (#13984)
- b920bde Backport consul-template update (#16792)
- 89bd5d5 backport of commit 5118aa6d0c22bf4a09878e4f83909d167b55b1ed (#14408)
- 462ef0f backport of commit 192c2aa7e2f092f96054c7cd36b32630e80ca351 (#16708)
- 60cf24c backport of commit b8a706b122228dfe58611fe5ed3b5c83ffe3929f (#16689)