1.18.4
January 30, 2025
CHANGES:
- auth/cf: Update plugin to v0.19.1 [GH-29295]
- sdk: Updated golang and dependency versions to be consistent across core, API, SDK to address [GO-2024-3333] and ensure version consistency [GH-29422]
IMPROVEMENTS:
- plugins (enterprise): The Database secrets engine now allows skipping the automatic rotation of static roles during import.
- events (enterprise): Use the
pathevent metadata field when authorizing a client'ssubscribecapability for consuming an event, instead of requiringdata_pathto be present in the event metadata. - ui: Adds navigation for LDAP hierarchical libraries [GH-29293]
- ui: Adds params to postgresql database to improve editing a connection in the web browser. [GH-29200]
BUG FIXES:
- activity: Include activity records from clients created by deleted or disabled auth mounts in Export API response. [GH-29376]
- core: Prevent integer overflows of the barrier key counter on key rotation requests [GH-29176]
- database/mssql: Fix a bug where contained databases would silently fail root rotation if a custom root rotation statement was not provided. [GH-29399]
- plugins: Fix a bug that causes zombie dbus-daemon processes on certain systems. [GH-29334]
- sdk/database: Fix a bug where slow database connections can cause goroutines to be blocked. [GH-29097]
- secrets/pki: Fix a bug that prevented the full CA chain to be used when enforcing name constraints. [GH-29255]
- sentinel (enterprise): No longer report inaccurate log messages for when failing an advisory policy.
- ui (enterprise): Fixes login to web UI when MFA is enabled for SAML auth methods [GH-28873]
- ui: Fixes login to web UI when MFA is enabled for OIDC (i.e. azure, auth0) and Okta auth methods [GH-28873]
- ui: Fixes navigation for quick actions in LDAP roles' popup menu [GH-29293]