./security/vault, Tool for managing secrets

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.6.6nb2, Package name: vault-1.6.6nb2, Maintainer: pkgsrc-users

Vault is a tool for securely accessing secrets. A secret is
anything that you want to tightly control access to, such as API
keys, passwords, certificates, and more. Vault provides a unified
interface to any secret, while providing tight access control and
recording a detailed audit log.


Required to build:
[pkgtools/cwrappers] [lang/go114]

Master sites:

RMD160: 33e9b0f0e9c1f29c7cca9ad56343d0d21450d2d4
Filesize: 38221.824 KB

Version history: (Expand)


CVS history: (Expand)


   2021-10-08 20:55:13 by Benny Siegert | Files touched by this commit (96) | Package updated
Log message:
Revbump all Go packages after go117 update
   2021-10-07 16:54:50 by Nia Alarie | Files touched by this commit (606)
Log message:
security: Remove SHA1 hashes for distfiles
   2021-09-17 15:52:58 by Benny Siegert | Files touched by this commit (99) | Package updated
Log message:
Revbump all Go packages after go117 update
   2021-08-11 21:35:16 by Benny Siegert | Files touched by this commit (112) | Package updated
Log message:
Revbump all Go packages after go116 update
   2021-07-13 13:36:45 by Benny Siegert | Files touched by this commit (132) | Package updated
Log message:
Revbump all Go packages after go116 update
   2021-06-06 14:19:04 by Benny Siegert | Files touched by this commit (203) | Package updated
Log message:
Revbump all Go packages after go116 update
   2021-05-30 19:37:53 by Havard Eidnes | Files touched by this commit (2) | Package updated
Log message:
Upgrade security/vault to version 1.6.5.

Pkgsrc changes:
 * None

Upstream changes:

v1.6.5:
May 20th, 2021

SECURITY:
 * Non-Expiring Leases: Vault and Vault Enterprise renewed
   nearly-expiring token leases and dynamic secret leases with a
   zero-second TTL, causing them to be treated as non-expiring,
   and never revoked. This issue affects Vault and Vault Enterprise
   versions 0.10.0 through 1.7.1, and is fixed in 1.5.9, 1.6.5,
   and 1.7.2 (CVE-2021-32923).

CHANGES:
 * agent: Update to use IAM Service Account Credentials endpoint
   for signing JWTs when using GCP Auto-Auth method [GH-11473]
 * auth/gcp: Update to v0.8.1 to use IAM Service Account Credentials
   API for signing JWTs [GH-11498]

BUG FIXES:
 * core (enterprise): Fix plugins mounted in namespaces being
   unable to use password policies [GH-11596]
 * core: correct logic for renewal of leases nearing their expiration
   time. [GH-11650]
 * secrets/database: Fix marshalling to allow providing numeric
   arguments to external database plugins. [GH-11451]
 * secrets/database: Fixes issue for V4 database interface where
   SetCredentials wasn't falling back to using RotateRootCredentials
   if SetCredentials is Unimplemented [GH-11585]
 * ui: Fix namespace-bug on login [GH-11182]

v1.6.4:
April 21, 2021
Release vault v1.6.4

v1.6.3
February 25, 2021

SECURITY:
 * Limited Unauthenticated License Read: We addressed a security
   vulnerability that allowed for the unauthenticated reading of
   Vault licenses from DR Secondaries. This vulnerability affects
   Vault and Vault Enterprise and is fixed in 1.6.3 (CVE-2021-27668).

CHANGES:
 * secrets/mongodbatlas: Move from whitelist to access list API [GH-10966]

IMPROVEMENTS:
 * ui: Clarify language on usage metrics page empty state [GH-10951]

BUG FIXES:
 * auth/kubernetes: Cancel API calls to TokenReview endpoint when
   request context is closed [GH-10930]
 * core/identity: Fix deadlock in entity merge endpoint. [GH-10877]
 * quotas: Fix duplicate quotas on performance standby nodes. [GH-10855]
 * quotas/rate-limit: Fix quotas enforcing old rate limit quota paths [GH-10689]
   replication (enterprise): Don't write request count data on DR Secondaries.
 * Fixes DR Secondaries becoming out of sync approximately every 30s. [GH-10970]
 * secrets/azure (enterprise): Forward service principal credential
   creation to the primary cluster if called on a performance
   standby or performance secondary. [GH-10902]
   2021-05-08 17:02:47 by Benny Siegert | Files touched by this commit (216) | Package updated
Log message:
Revbump all Go packages after go116 update