Hi folks,
The Vault team is announcing the release of 1.15.1, as well as Vault 1.14.5 and 1.13.9.
Community Edition binaries can be downloaded at [1, 2, 3]. Enterprise binaries are available to customers as well.
As a reminder, if you believe you have found a security issue in Vault, please responsibly disclose by emailing security@hashicorp.com and do not use the public issue tracker. Our security policy and our PGP key can be found at [4].
The major features and improvements in the 1.15.1 release are:
Audit: Fixed a regression in audit logging that was not properly reloading audit log files on SIGHUP
AWS Auth Method: Fix panic that could occur during IAM-based login when client config doesn’t exist
UI Banners:
Surfaces warning banner if UI has stopped auto-refreshing token.
Shows banner when resultant-acl check fails due to permissions or wrong namespace.
See the Changelog at [5] for the full list of improvements and bug fixes.
See the Feature Deprecation Notice and Plans page [10] for our upcoming feature deprecation plans.
Community [8] and Enterprise [9] Docker images will be available soon.
Upgrading
See [6] for general upgrade instructions, and [7] for upgrade instructions and known issues.
As always, we recommend upgrading and testing this release in an isolated environment. If you experience any non-security issues, please report them on the Vault GitHub issue tracker or post to the Vault Discuss Forum at [11].
We hope you enjoy Vault 1.15.1!
Sincerely, The Vault Team
[1] Vault v1.15.1 Binaries | HashiCorp Releases
[2] Vault v1.14.5 Binaries | HashiCorp Releases
[3] Vault v1.13.9 Binaries | HashiCorp Releases
[5] https://github.com/hashicorp/vault/blob/main/CHANGELOG.md
[6] Upgrading Vault - Guides | Vault | HashiCorp Developer
[7] 1.15.0 release notes | Vault | HashiCorp Developer
[8] Docker
[9] Docker
[10] Feature Deprecation Notice | Vault | HashiCorp Developer