luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

More CL notes for 1.6.2 (#10792) 

* More CL notes for 1.6.2

* Update _2021Jan26.txt

* Update _2021Jan26.txt
This commit is contained in:
Meggie 2021-01-27 12:03:20 -05:00 committed by GitHub
parent d1241b5286
commit 4518d8a82f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
changelog/_2021Jan26.txt Normal file
View File

@ -0,0 +1,8 @@
```release-note:security
Limited Unauthenticated Remove Peer: As of Vault 1.6, the remove-peer command
on DR secondaries did not require authentication. This issue impacts the
stability of HA architecture, as a bad actor could remove all standby
nodes from a DR
secondary. This issue affects Vault Enterprise 1.6.0 and 1.6.1, and is fixed in
1.6.2 (CVE-2021-3282).
```