Skip to content

v1.6.3
Compare
Choose a tag to compare
@hashicorp-ci hashicorp-ci released this 25 Feb 18:21
v1.6.3
b540be4
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

SECURITY:

  • Limited Unauthenticated License Read: We addressed a security vulnerability that allowed for the unauthenticated
    reading of Vault licenses from DR Secondaries. This vulnerability affects Vault and Vault Enterprise and is
    fixed in 1.6.3 (CVE-2021-27668).

CHANGES:

  • secrets/mongodbatlas: Move from whitelist to access list API [GH-10966]

IMPROVEMENTS:

  • ui: Clarify language on usage metrics page empty state [GH-10951]

BUG FIXES:

  • auth/kubernetes: Cancel API calls to TokenReview endpoint when request context
    is closed [GH-10930]
  • core/identity: Fix deadlock in entity merge endpoint. [GH-10877]
  • quotas: Fix duplicate quotas on performance standby nodes. [GH-10855]
  • quotas/rate-limit: Fix quotas enforcing old rate limit quota paths [GH-10689]
  • replication (enterprise): Don't write request count data on DR Secondaries.
    Fixes DR Secondaries becoming out of sync approximately every 30s. [GH-10970]
  • secrets/azure (enterprise): Forward service principal credential creation to the
    primary cluster if called on a performance standby or performance secondary. [GH-10902]
Assets 2