v1.14.5
1.14.5
October 25, 2023
CHANGES:
- core: Bump Go version to 1.20.10.
- replication (enterprise): Switch to non-deprecated gRPC field for resolver target host
IMPROVEMENTS:
- api/plugins: add
tls-server-name
arg for plugin registration [GH-23549] - core: Use a worker pool for the rollback manager. Add new metrics for the rollback manager to track the queued tasks. [GH-22567]
- ui: Adds toggle to KV secrets engine value download modal to optionally stringify value in downloaded file [GH-23747]
- website/docs: fix inaccuracies with unauthenticated_in_flight_requests_access parameter [GH-23287]
BUG FIXES:
- command/server: Fix bug with sigusr2 where pprof files were not closed correctly [GH-23636]
- events: Ignore sending context to give more time for events to send [GH-23500]
- expiration: Prevent large lease loads from delaying state changes, e.g. becoming active or standby. [GH-23282]
- kmip (enterprise): Improve handling of failures due to storage replication issues.
- kmip (enterprise): Return a structure in the response for query function Query Server Information.
- mongo-db: allow non-admin database for root credential rotation [GH-23240]
- replication (enterprise): Fix a bug where undo logs would only get enabled on the initial node in a cluster.
- replication (enterprise): Fix a missing unlock when changing replication state
- secrets/consul: Fix revocations when Vault has an access token using specific namespace and admin partition policies [GH-23010]
- secrets/pki: Stop processing in-flight ACME verifications when an active node steps down [GH-23278]
- secrets/transit (enterprise): Address an issue using sign/verify operations with managed keys returning an error about it not containing a private key
- secrets/transit (enterprise): Address panic when using GCP,AWS,Azure managed keys for encryption operations. At this time all encryption operations for the cloud providers have been disabled, only signing operations are supported.
- secrets/transit (enterprise): Apply hashing arguments and defaults to managed key sign/verify operations
- secrets/transit: Do not allow auto rotation on managed_key key types [GH-23723]
- storage/consul: fix a bug where an active node in a specific sort of network
partition could continue to write data to Consul after a new leader is elected
potentially causing data loss or corruption for keys with many concurrent
writers. For Enterprise clusters this could cause corruption of the merkle trees
leading to failure to complete merkle sync without a full re-index. [GH-23013] - ui: Decode the connection url for display on the connection details page [GH-23695]
- ui: Fix AWS secret engine to allow empty policy_document field. [GH-23470]
- ui: Fix the copy token button in the sidebar navigation window when in a collapsed state. [GH-23331]
- ui: Fixes issue with sidebar navigation links disappearing when navigating to policies when a user is not authorized [GH-23516]