hashicorp/vault v2.0.2

on GitHub

BREAKING CHANGES:

• containers: Remove cap_ipc_lock capability on vault at build time to allow running Vault in common container runtimes. Vault in containers will no longer be able to call mlock() to lock memory. Operators should set disable_mlock = true in Vault's configuration. Runtime operators are advised to disable swapping to guarantee data safety.
• secrets/ssh: RSA key sizes are now limited to a maximum size of 8192 bits addressing CVE-2026-39829

CHANGES:

• core: Bump Go version to 1.26.4
• secrets/azure (enterprise): Update plugin to v0.26.4+ent

BUG FIXES:

• plugins: Fix plugin signature verification failure with expired pgp key when registering a plugin.
• ui/transit: Fix key version dropdown selected state when editing a transit key.