1.14.10
February 29, 2024
SECURITY:
- auth/cert: compare public keys of trusted non-CA certificates with incoming
client certificates to prevent trusting certs with the same serial number
but not the same public/private key. [GH-25649]
CHANGES:
- core: Bump Go version to 1.20.14.
FEATURES:
- Manual License Utilization Reporting: Added manual license
utilization reporting, which allows users to create manual exports of product-license [metering
data] to report to Hashicorp.
IMPROVEMENTS:
- auth/cert: Cache trusted certs to reduce memory usage and improve performance of logins. [GH-25421]
- ui: redirect back to current route after reauthentication when token expires [GH-25335]
- ui: remove unnecessary OpenAPI calls for unmanaged auth methods [GH-25364]
BUG FIXES:
- core (enterprise): Fix a deadlock that can occur on performance secondary clusters when there are many mounts and a mount is deleted or filtered [GH-25448]
- core/quotas: Deleting a namespace that contains a rate limit quota no longer breaks replication [GH-25439]
- secrets/transform (enterprise): guard against a panic looking up a token in exportable mode with barrier storage.
- secrets/transit: When provided an invalid input with hash_algorithm=none, a lock was not released properly before reporting an error leading to deadlocks on a subsequent key configuration update. [GH-25336]
- storage/file: Fixing spuriously deleting storage keys ending with .temp [GH-25395]