Vault 1.13.2, 1.12.6 and 1.11.10 released!

Release Notifications
1

Hi folks,

The Vault team is announcing the release of Vault 1.13.2, as well as 1.12.6, and 1.11.10!

Open-source binaries can be downloaded at [1, 10, 11]. Enterprise binaries are available to customers as well.

As a reminder, if you believe you have found a security issue in Vault, please responsibly disclose by emailing security@hashicorp.com and do not use the public issue tracker. Our security policy and our PGP key can be found at [2].

The major features and improvements in the 1.13.2 release are:

  • AWS Secrets Engine: Fixed a known issue in 1.13.0 and 1.13.1 where STS credentials generated by the engine did not return a lease_duration. This value has been re-introduced in 1.13.2
  • Cert: Fixed OCSP signature verification failure against Vault PKI OCSP responders.
  • HTTP 412 Responses: We addressed some issues where Vault was returning 412 error codes unexpectedly.
  • Integrated Storage: We fixed a bug where dead server cleanup would sometimes prune servers that were still joining the cluster.
  • KMIP: Fixed a problem decrypting with keys that have no Process Start Date attribute.
  • LDAP Auth Method: Added a connection_timeout configuration parameter to control client timeout on dial requests made by the plugin against LDAP servers.
  • PKI: Fixed issues with cross-cluster revocation and unified CRLs on existing mounts after unseal.
  • UI: We included the ability to dismiss a license expiration banner.

See the Changelog at [3] for the full list of improvements and bug fixes.

See the Feature Deprecation Notice and Plans page [7] for our upcoming feature deprecation plans.

Note: Upcoming in Vault 1.14 we will stop publishing official Dockerhub images and publish only our Verified Publisher images. Users of Docker images should pull from “hashicorp/vault” instead of “vault”.

OSS [5] and Enterprise [6] Docker images will be available soon.

Upgrading

See [4] for general upgrade instructions, and [9] for upgrade instructions and known issues for 1.13.

As always, we recommend upgrading and testing this release in an isolated environment. If you experience any non-security issues, please report them on the Vault GitHub issue tracker or post to the Vault Discuss Forum at [8].

We hope you enjoy Vault 1.13.2!

Sincerely, The Vault Team

[1] Vault v1.13.2 Binaries | HashiCorp Releases

[2] Security at HashiCorp

[3] vault/CHANGELOG.md at main · hashicorp/vault · GitHub

[4] Upgrading Vault - Guides | Vault | HashiCorp Developer

[5] Docker

[6] Docker

[7] https://vaultproject.io/docs/deprecation

[8] Vault - HashiCorp Discuss

[9] Upgrading Vault - Guides | Vault | HashiCorp Developer

[10] Vault v1.12.6 Binaries | HashiCorp Releases

[11] Vault v1.11.10 Binaries | HashiCorp Releases