Hi all,
The Vault team is announcing the release of 1.18.3, as well as Vault Enterprise 1.17.10 and 1.16.14.
The Community Edition binary can be downloaded at [1]. Enterprise binaries are available to customers as well.
As a reminder, if you believe you have found a security issue in Vault, please responsibly disclose by emailing security@hashicorp.com and do not use the public issue tracker. Our security policy and our PGP key can be found at [2].
Notable changes in these releases are:
- For secret rotations in the LDAP and Database secrets engines, Vault will respond to a rejected password update by generating a new password and re-attempting to update the password with the LDAP or database server.
- We have updated the Go version to 1.23.3 for all three releases.
- The PKI engine now validates issuer specified constraints (EKU, Name constraints, issuer name) for signing/issuing leaf certificates. For more information see PKI considerations
See the Changelog at [3] for the full list of improvements and bug fixes.
See the Feature Deprecation Notice and Plans page [8] for our upcoming feature deprecation plans.
Community [6] and Enterprise [7] Docker images will be available soon.
Upgrading
See [4] for general upgrade instructions and [5] for upgrade instructions and known issues.
As always, we recommend upgrading and testing this release in an isolated environment. If you experience any non-security issues, please report them on the Vault GitHub issue tracker or post to the Vault Discuss Forum at [9].
Sincerely, The Vault Team
[1] Vault v1.18.3 Binaries | HashiCorp Releases
[3] vault/CHANGELOG.md at main · hashicorp/vault · GitHub
[4] Upgrading Vault - Guides | Vault | HashiCorp Developer
[5] Release Notes | Vault | HashiCorp Developer
[6] https://hub.docker.com/r/hashicorp/vault
[7] https://hub.docker.com/r/hashicorp/vault-enterprise