Releases: shieldproject/shield
V8.8.6
Breaking Change
-
Shield was compiled on Ubuntu Jammy, and as such, requires Jammy stemcell from this release on.
-
The azure plugin was removed due to incompatible changes in upstream libraries -- this will be restored in a future release, but if you're using this plugin, please refrain from upgrading to this release.
Improvements
- Updated go modules and vendored them to resolve latent CVEs and bugs
- Compiled with Go v1.20.4 on Ubuntu Jammy to address CVEs inherent to previous versions of language/OS.
Full Changelog: v8.8.5...v8.8.6
shield Release v8.8.5
Improvements
- Added flag for token verification in Okta OAuth
shield Release v8.8.4
New Features
- Added
Okta
OAuth Integration to SHIELD.
shield Release v8.8.3
Improvements
- Added
--file
flag to SHIELD's curl to use a filename to supply the request body.
shield Release v8.8.2
Bug Fix
- Fixed login screen for Github OAuth
shield Release v8.8.1
Improvements
- Renamed RabbitMQ Broker Backup Plugin
shield Release v8.8.0
New Features
-
Added
Gzip
to compression options. -
Added backup job retry feature.
Improvements
-
Added Mac ARM64 functionality to shield.
-
Enabled actual download of ARM64 binary.
-
Support for M1 ARM64 within api tests.
-
Fixed description of notes for Define a New Data System.
shield Release v8.7.4
Improvements
- The web UI now waits 3 seconds before attempting to reconnect to the websocket, in order to avoid aggressive looping in cases where connection where a reverse proxy is obscuring the websocket's return code.
- The vault plugin can now backup and restore non-string data types without coercing them to strings. This will not work with existing backups - new backups will have to be taken with the updated plugin to gain this benefit.
- The vault plugin now supports enterprise namespaces.
Bug Fixes
- The shield core can now more reliably determine the seal state of its internal vault storage.
- The rabbitmq-broker plugin no longer errs if skip_ssl_validation is set to false in the web UI.
Warning
- This version was compiled with Go 1.16, meaning that components, typically plugins, will enforce that certificates must have a valid Subject Alternative Name - a Subject line with the domain name will no longer suffice.
shield Release v8.7.3
Improvements
-
Docker images are now compiling via the go 1.13 toolchain.
-
Agent Registration can now occur through chained load balancers,
with standards-compliant comma-separated X-Forwarded-For
headers. Why you would want to do this is beyond me, but ¯_(ツ)_/¯ -
The
metashield
plugin now trusts system X.509 Root CAs if no
specific CA is supplied. -
Bootstrap restoration is simpler now, and the UI for init /
restore is more streamlined. See #680.
shield Release v8.7.2
Bug Fixes
- SHIELD will now be able to properly authenticate to vault again.