vault: Update to 1.2.4

To: pkgsrc-wip-changes%NetBSD.org@localhost
Subject: vault: Update to 1.2.4
From: Iku Iwasa <iku.iwasa%gmail.com@localhost>
Date: Sat, 09 Nov 2019 01:29:26 +0000

Module Name:	pkgsrc-wip
Committed By:	Iku Iwasa <iku.iwasa%gmail.com@localhost>
Pushed By:	iquiw
Date:		Sat Nov 9 10:29:26 2019 +0900
Changeset:	7a09e24a091751f0d942e44e46b7b5ad449ef3f9

Modified Files:
	vault/Makefile
	vault/distinfo

Log Message:
vault: Update to 1.2.4

SECURITY:

* In a non-root namespace, revocation of a token scoped to a non-root
  namespace did not trigger the expected revocation of dynamic secret leases
  associated with that token. As a result, dynamic secret leases in non-root
  namespaces may outlive the token that created them. This vulnerability,
  CVE-2019-18616, affects Vault Enterprise 0.11.0 and newer.
* Disaster Recovery secondary clusters did not delete already-replicated
  data after a mount filter has been created on an upstream Performance
  secondary cluster. As a result, encrypted secrets may remain replicated on
  a Disaster Recovery secondary cluster after application of a mount filter
  excluding those secrets from replication. This vulnerability,
  CVE-2019-18617, affects Vault Enterprise 0.8 and newer.
* Update version of Go to 1.12.12 to fix Go bug golang.org/issue/34960
  which corresponds to CVE-2019-17596.

CHANGES:

* auth/aws: If a custom sts_endpoint is configured, Vault Agent and the CLI
  should provide the corresponding region via the region parameter (which
  already existed as a CLI parameter, and has now been added to Agent). The
  automatic region detection added to the CLI and Agent in 1.2 has been
  removed.

IMPROVEMENTS:

* cli: Ignore existing token during CLI login [GH-7508]
* core: Log proxy settings from environment on startup [GH-7528]
* core: Cache whether we've been initialized to reduce load on storage
  [GH-7549]

BUG FIXES:

* agent: Fix handling of gzipped responses [GH-7470]
* cli: Fix panic when pgp keys list is empty [GH-7546]
* core: add hook for initializing seals for migration [GH-7666]
* core (enterprise): Migrating from one auto unseal method to another never
  worked on enterprise, now it does.
* identity: Add required field response_types_supported to identity token
  .well-known/openid-configuration response [GH-7533]
* identity: Fixed nil pointer panic when merging entities [GH-7712]
* replication (Enterprise): Fix issue causing performance standbys nodes
  disconnecting when under high loads.
* secrets/azure: Fix panic that could occur if client retries timeout
  [GH-7793]
* secrets/database: Fix bug in combined DB secrets engine that can result
  in writes to static-roles endpoints timing out [GH-7518]
* secrets/pki: Improve tidy to continue when value is nil [GH-7589]
* ui (Enterprise): Allow kv v2 secrets that are gated by Control Groups to
  be viewed in the UI [GH-7504]
* cli: Command timeouts are now always specified solely by the
  VAULT_CLIENT_TIMEOUT value. [GH-7469]

To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=7a09e24a091751f0d942e44e46b7b5ad449ef3f9

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

diffstat:
 vault/Makefile | 3 +--
 vault/distinfo | 8 ++++----
 2 files changed, 5 insertions(+), 6 deletions(-)

diffs:
diff --git a/vault/Makefile b/vault/Makefile
index 2b865ecc80..1d47b3b83f 100644
--- a/vault/Makefile
+++ b/vault/Makefile
@@ -1,7 +1,6 @@
 # $NetBSD$
 
-DISTNAME=	vault-1.2.3
-PKGREVISION=	1
+DISTNAME=	vault-1.2.4
 CATEGORIES=	security
 MASTER_SITES=	${MASTER_SITE_GITHUB:=hashicorp/}
 
diff --git a/vault/distinfo b/vault/distinfo
index 49a173d58b..5bb32169f7 100644
--- a/vault/distinfo
+++ b/vault/distinfo
@@ -1,8 +1,8 @@
 $NetBSD$
 
-SHA1 (vault-1.2.3.tar.gz) = 83765d89ce4630e8e61e81d830378b11af8078e5
-RMD160 (vault-1.2.3.tar.gz) = cd82e5658a8018eb5be7cad8a71b860d5fad0162
-SHA512 (vault-1.2.3.tar.gz) = 9543e394f187cd9b06e88b64319504e07519041741650db3b7b905f1b34348ed7d9e22955ce2a456ffd2e06210e9e01b1a0ded459cde4840fbf5903ff6e21e75
-Size (vault-1.2.3.tar.gz) = 27773681 bytes
+SHA1 (vault-1.2.4.tar.gz) = 529b5f9a22436230f17e827195a7e8eba2031676
+RMD160 (vault-1.2.4.tar.gz) = 4a347884ac69ff82f790b62b790a783e48ee0be9
+SHA512 (vault-1.2.4.tar.gz) = 35a91088ac6949863e2de651edac19d73586acc2f42d14e48d3b41236d9458c95e60f8ec2285b3846ff04ebe59a4d4b308686151d758b5af8caad711441e2ee4
+Size (vault-1.2.4.tar.gz) = 27778766 bytes
 SHA1 (patch-vendor_github.com_ory_dockertest_docker_pkg_system_stat__netbsd.go) = ae03a0790d6cebaca808db07f55ac3c34539329a
 SHA1 (patch-vendor_github.com_ory_dockertest_docker_pkg_term_termios__bsd.go) = d13fe7d333f1b892de6d385acc53482d268dd474

Prev by Date: packer: Update to 1.4.5
Next by Date: bstone: update to bstone-1.1.14
Previous by Thread: packer: Update to 1.4.5
Next by Thread: bstone: update to bstone-1.1.14
Indexes:

Home | Main Index | Thread Index | Old Index