The Vault team is announcing the release of Vault 1.12.3, 1.11.7, and 1.10.10.
Open-source binaries can be downloaded at [1, 2, 3]. Enterprise binaries are available to customers as well.
As a reminder, if you believe you have found a security issue in Vault, please responsibly disclose by emailing firstname.lastname@example.org and do not use the public issue tracker. Our security policy and our PGP key can be found at .
There are some upcoming changes in Vault 1.13, and in Consul 1.14 that will affect some Vault users:
AliCloud Auth Method: The AliCloud auth plugin will now require the
roleparameter on login. This has always been documented as a required field but the requirement will now be enforced.
- Consul: If you are using Vault with Consul storage, and the Consul servers are using Consul on Kubernetes, when you upgrade to Consul 1.14 you will need to edit your helm chart. Full instructions are available on the Consul documentation .
- Log XI Environment Variable: We are removing an undocumented environment variable (LOGXI_FORMAT). Any users of that environment variable should switch to the VAULT_LOG_FORMAT environment variable.
- Replication (Enterprise): In 1.12, we fixed a race condition in the merkle-sync/merkle-diff process but the improvement is disabled by default. In 1.13 the improvement will be enabled by default for Integrated Storage users, and users of Consul 1.14+.
Note that we have updated the Go Version to 1.19.4 for all of the Vault releases.
The major features and improvements in 1.12.3 are:
- Lease Expiration: Fixed a panic on performance standbys when an irrevocable lease gets deleted
- Quotas: Fixed a deadlock and an issue with quota exempt paths
See the Changelog at  for the full list of improvements and bug fixes.
See the Feature Deprecation Notice and Plans page  for our full upcoming feature deprecation plans.
Verified publisher OSS  and Enterprise  Docker images are also available.
See  for general upgrade instructions.
As always, we recommend upgrading and testing this release in an isolated environment. If you experience any non-security issues, please report them on the Vault GitHub issue tracker or post to the Vault Discuss Forum at .
We hope you enjoy Vault 1.12.3!
Sincerely, The Vault Team
 Vault v1.12.3 Binaries | HashiCorp Releases
 Vault v1.11.7 Binaries | HashiCorp Releases
 Vault v1.10.10 Binaries | HashiCorp Releases
 Security at HashiCorp
 Upgrading Vault - Guides | Vault | HashiCorp Developer
 Feature Deprecation Notice | Vault | HashiCorp Developer
 Vault - HashiCorp Discuss
 Upgrading Consul on Kubernetes Components | Consul | HashiCorp Developer