diff options
| author | he <he@pkgsrc.org> | 2021-05-30 17:37:53 +0000 |
|---|---|---|
| committer | he <he@pkgsrc.org> | 2021-05-30 17:37:53 +0000 |
| commit | 02526462577331775c2e290102adb97ac4275f24 (patch) | |
| tree | 0e55885eedfa0657094d8f2919bfde9fc75378f1 /security | |
| parent | 1019cbe7e8825aba62d9968b7de573372fea057d (diff) | |
| download | pkgsrc-02526462577331775c2e290102adb97ac4275f24.tar.gz | |
Upgrade security/vault to version 1.6.5.
Pkgsrc changes:
* None
Upstream changes:
v1.6.5:
May 20th, 2021
SECURITY:
* Non-Expiring Leases: Vault and Vault Enterprise renewed
nearly-expiring token leases and dynamic secret leases with a
zero-second TTL, causing them to be treated as non-expiring,
and never revoked. This issue affects Vault and Vault Enterprise
versions 0.10.0 through 1.7.1, and is fixed in 1.5.9, 1.6.5,
and 1.7.2 (CVE-2021-32923).
CHANGES:
* agent: Update to use IAM Service Account Credentials endpoint
for signing JWTs when using GCP Auto-Auth method [GH-11473]
* auth/gcp: Update to v0.8.1 to use IAM Service Account Credentials
API for signing JWTs [GH-11498]
BUG FIXES:
* core (enterprise): Fix plugins mounted in namespaces being
unable to use password policies [GH-11596]
* core: correct logic for renewal of leases nearing their expiration
time. [GH-11650]
* secrets/database: Fix marshalling to allow providing numeric
arguments to external database plugins. [GH-11451]
* secrets/database: Fixes issue for V4 database interface where
SetCredentials wasn't falling back to using RotateRootCredentials
if SetCredentials is Unimplemented [GH-11585]
* ui: Fix namespace-bug on login [GH-11182]
v1.6.4:
April 21, 2021
Release vault v1.6.4
v1.6.3
February 25, 2021
SECURITY:
* Limited Unauthenticated License Read: We addressed a security
vulnerability that allowed for the unauthenticated reading of
Vault licenses from DR Secondaries. This vulnerability affects
Vault and Vault Enterprise and is fixed in 1.6.3 (CVE-2021-27668).
CHANGES:
* secrets/mongodbatlas: Move from whitelist to access list API [GH-10966]
IMPROVEMENTS:
* ui: Clarify language on usage metrics page empty state [GH-10951]
BUG FIXES:
* auth/kubernetes: Cancel API calls to TokenReview endpoint when
request context is closed [GH-10930]
* core/identity: Fix deadlock in entity merge endpoint. [GH-10877]
* quotas: Fix duplicate quotas on performance standby nodes. [GH-10855]
* quotas/rate-limit: Fix quotas enforcing old rate limit quota paths [GH-10689]
replication (enterprise): Don't write request count data on DR Secondaries.
* Fixes DR Secondaries becoming out of sync approximately every 30s. [GH-10970]
* secrets/azure (enterprise): Forward service principal credential
creation to the primary cluster if called on a performance
standby or performance secondary. [GH-10902]
Diffstat (limited to 'security')
| -rw-r--r-- | security/vault/Makefile | 5 | ||||
| -rw-r--r-- | security/vault/distinfo | 10 |
2 files changed, 7 insertions, 8 deletions
diff --git a/security/vault/Makefile b/security/vault/Makefile index 9a52e509d07..b052befbdaf 100644 --- a/security/vault/Makefile +++ b/security/vault/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.64 2021/05/08 15:02:29 bsiegert Exp $ +# $NetBSD: Makefile,v 1.65 2021/05/30 17:37:53 he Exp $ -DISTNAME= vault-1.6.2 -PKGREVISION= 2 +DISTNAME= vault-1.6.5 CATEGORIES= security MASTER_SITES= ${MASTER_SITE_GITHUB:=hashicorp/} diff --git a/security/vault/distinfo b/security/vault/distinfo index ec261e295af..a09f2d86ee0 100644 --- a/security/vault/distinfo +++ b/security/vault/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.26 2021/02/01 10:49:11 he Exp $ +$NetBSD: distinfo,v 1.27 2021/05/30 17:37:53 he Exp $ -SHA1 (vault-1.6.2.tar.gz) = eb57f9724b8c6c46012052d34932aa6c3ba1a1ad -RMD160 (vault-1.6.2.tar.gz) = 62e20ba17e1155f2536d2eab5eb2b805dec9c1dc -SHA512 (vault-1.6.2.tar.gz) = 4269778efebbf45bb56d902eb800a8e66dbf4569ae67eb422da33d0df149bb133c86940e29ed4d2d14bc89065ec7814912e04ab9024bfbc2ef125c1f46796c9a -Size (vault-1.6.2.tar.gz) = 39088821 bytes +SHA1 (vault-1.6.5.tar.gz) = e9b47cf76c96deea4b466a9d3cc64a39a5d0959b +RMD160 (vault-1.6.5.tar.gz) = 1b2a7ed3e6c45e31cd18a3314399a512adba4e88 +SHA512 (vault-1.6.5.tar.gz) = 0f5640d376f21d57bf25db0865b4509ef819dd82e950f8c9192188ab3ef1c2477c369049b69a5194e27051b5d8dc523b9760b01eda6568f7348bb782cf6f97c6 +Size (vault-1.6.5.tar.gz) = 39136426 bytes SHA1 (patch-scripts_gen__openapi.sh) = 1ad66480ef135adec05f58b088440e0bec6b4ab8 SHA1 (patch-vendor_github.com_docker_docker_client_client__unix.go) = 86d985a6aac6b0eaaf6bdc3b1e4a7e2d17454a6a SHA1 (patch-vendor_github.com_docker_docker_pkg_system_stat__netbsd.go) = 09c2f699b37fcb2ea05ca0df270359426a0629b7 |