diff options
| author | he <he@pkgsrc.org> | 2021-08-27 09:24:41 +0000 |
|---|---|---|
| committer | he <he@pkgsrc.org> | 2021-08-27 09:24:41 +0000 |
| commit | d42ad5bb2f93663d60d03d03fdb43ee3fa27dc7a (patch) | |
| tree | da8135392e72005e0ca26249d5094dbd415ad068 /security | |
| parent | 241cf93f7d140f41e5d9be0e2f9b4ca7f178553d (diff) | |
| download | pkgsrc-d42ad5bb2f93663d60d03d03fdb43ee3fa27dc7a.tar.gz | |
Upgrade security/vault to version 1.6.6.
Pkgsrc changes:
* Note that we need go >= 1.15.15.
Upstream changes:
26 August 2021
SECURITY:
* UI Secret Caching: The Vault UI erroneously cached and exposed
user-viewed secrets between authenticated sessions in a single
shared browser, if the browser window / tab was not refreshed or
closed between logout and a subsequent login. This vulnerability,
CVE-2021-38554, was fixed in Vault 1.8.0 and will be addressed in
pending 1.7.4 / 1.6.6 releases.
CHANGES:
* go: Update go version to 1.15.15 [GH-12423]
IMPROVEMENTS:
* db/cassandra: Added tls_server_name to specify server name for
TLS validation [GH-11820]
BUG FIXES:
* physical/raft: Fix safeio.Rename error when restoring snapshots
on windows [GH-12377]
* secret: fix the bug where transit encrypt batch doesn't work
with key_version [GH-11628]
* secrets/database: Fixed an issue that prevented external database
plugin processes from restarting after a shutdown. [GH-12087]
* ui: Automatically refresh the page when user logs out [GH-12035]
* ui: Fixes metrics page when read on counter config not allowed [GH-12348]
* ui: fix oidc login with Safari [GH-11884]
Diffstat (limited to 'security')
| -rw-r--r-- | security/vault/Makefile | 8 | ||||
| -rw-r--r-- | security/vault/distinfo | 10 |
2 files changed, 9 insertions, 9 deletions
diff --git a/security/vault/Makefile b/security/vault/Makefile index dea00885b4c..ff3d962c542 100644 --- a/security/vault/Makefile +++ b/security/vault/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.68 2021/08/11 19:35:07 bsiegert Exp $ +# $NetBSD: Makefile,v 1.69 2021/08/27 09:24:41 he Exp $ -DISTNAME= vault-1.6.5 -PKGREVISION= 3 +DISTNAME= vault-1.6.6 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_GITHUB:=hashicorp/} @@ -11,7 +10,6 @@ COMMENT= Tool for managing secrets LICENSE= mpl-2.0 GITHUB_TAG= v${PKGVERSION_NOREV} -WORKSRC= ${PKGNAME} GO_DIST_BASE= ${DISTNAME} GO_SRCPATH= github.com/hashicorp/vault @@ -22,6 +20,8 @@ USE_TOOLS+= bash gmake INSTALLATION_DIRS+= bin +DEPENDS+= go>=1.15.15:../../lang/go + # Clumsy workaround for https://github.com/golang/go/issues/22409 pre-build: ${RM} -rf ${WRKSRC}/vault/external_tests diff --git a/security/vault/distinfo b/security/vault/distinfo index a09f2d86ee0..3e5f2bd124d 100644 --- a/security/vault/distinfo +++ b/security/vault/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.27 2021/05/30 17:37:53 he Exp $ +$NetBSD: distinfo,v 1.28 2021/08/27 09:24:41 he Exp $ -SHA1 (vault-1.6.5.tar.gz) = e9b47cf76c96deea4b466a9d3cc64a39a5d0959b -RMD160 (vault-1.6.5.tar.gz) = 1b2a7ed3e6c45e31cd18a3314399a512adba4e88 -SHA512 (vault-1.6.5.tar.gz) = 0f5640d376f21d57bf25db0865b4509ef819dd82e950f8c9192188ab3ef1c2477c369049b69a5194e27051b5d8dc523b9760b01eda6568f7348bb782cf6f97c6 -Size (vault-1.6.5.tar.gz) = 39136426 bytes +SHA1 (vault-1.6.6.tar.gz) = f627772ec519a2e01b142580e5ed8b17cebfd423 +RMD160 (vault-1.6.6.tar.gz) = 33e9b0f0e9c1f29c7cca9ad56343d0d21450d2d4 +SHA512 (vault-1.6.6.tar.gz) = 820ec2f0b71defe6e6920bb4eefec55536d3d06345b676323d4af0c74c837c886871b0951b54f917e27b61bade9b4a8e9f36e3905a82a134b9e5f887ed744534 +Size (vault-1.6.6.tar.gz) = 39139148 bytes SHA1 (patch-scripts_gen__openapi.sh) = 1ad66480ef135adec05f58b088440e0bec6b4ab8 SHA1 (patch-vendor_github.com_docker_docker_client_client__unix.go) = 86d985a6aac6b0eaaf6bdc3b1e4a7e2d17454a6a SHA1 (patch-vendor_github.com_docker_docker_pkg_system_stat__netbsd.go) = 09c2f699b37fcb2ea05ca0df270359426a0629b7 |