Hi folks,
The Vault team is happy to announce the release of Vault 1.5.1!
There is important security content in this release, and we strongly recommend upgrading if you are using the GCP and/or AWS auth providers. For more information, see the SECURITY section of the Changleog at [3].
Open-source binaries can be downloaded at [1]. Enterprise binaries are available to customers as well.
As a reminder, if you believe you have found a security issue in Vault, please responsibly disclose by emailing security@hashicorp.com and do not use the public issue tracker. Our security policy and our PGP key can be found at [2].
Key fixes and improvements in this release are enumerated below.
- OIDC Auth : Add support for fetching groups and user information from G Suite during authentication.
- OpenLDAP Secrets : Add “ad” schema that allows the engine to correctly rotate AD passwords.
See the Changelog at [3] for the full list of improvements and bug fixes.
OSS [5] and Enterprise [6] Docker images will be available soon.
Upgrading
See [4] for general upgrade instructions.
As always, we recommend upgrading and testing this release in an isolated environment. If you experience any non-security issues, please report them on the Vault GitHub issue tracker or post to the Vault Discuss Forum at [7].
We hope you enjoy Vault 1.5.1!
Sincerely,The Vault Team
[1] https://releases.hashicorp.com/vault/1.5.1/
[2] https://www.hashicorp.com/security
[3] https://github.com/hashicorp/vault/blob/master/CHANGELOG.md#151
[4] https://www.vaultproject.io/docs/upgrading
[5] https://hub.docker.com/_/vault
[6] https://hub.docker.com/r/hashicorp/vault-enterprise
[7] https://discuss.hashicorp.com/c/vault