update changelog
This commit is contained in:
Mark Collao
parent
0856fa11a3
commit
c0d7ad6d5d
12
CHANGELOG.md
12
CHANGELOG.md
|
|
@ -189,6 +189,10 @@ Authorization Endpoint. [[GH-16601](https://github.com/hashicorp/vault/pull/1660
|
|||
* ui: Fix OIDC callback to accept namespace flag in different formats [[GH-16886](https://github.com/hashicorp/vault/pull/16886)]
|
||||
* ui: Fix info tooltip submitting form [[GH-16659](https://github.com/hashicorp/vault/pull/16659)]
|
||||
* ui: Fix naming of permitted_dns_domains form parameter on CA creation (root generation and sign intermediate). [[GH-16739](https://github.com/hashicorp/vault/pull/16739)]
|
||||
|
||||
SECURITY:
|
||||
|
||||
* identity/entity: When entity aliases mapped to a single entity share the same alias name, but have different mount accessors, Vault can leak metadata between the aliases. This metadata leak may result in unexpected access if templated policies are using alias metadata for path names. [[HCSEC-2022-18](https://discuss.hashicorp.com/t/hcsec-2022-18-vault-entity-alias-metadata-may-leak-between-aliases-with-the-same-name-assigned-to-the-same-entity/44550)]
|
||||
|
||||
## 1.11.2
|
||||
### August 2, 2022
|
||||
|
|
@ -486,6 +490,10 @@ Authorization Endpoint. [[GH-16601](https://github.com/hashicorp/vault/pull/1660
|
|||
* ui: Fix OIDC callback to accept namespace flag in different formats [[GH-16886](https://github.com/hashicorp/vault/pull/16886)]
|
||||
* ui: Fix issue logging in with JWT auth method [[GH-16466](https://github.com/hashicorp/vault/pull/16466)]
|
||||
* ui: Fix naming of permitted_dns_domains form parameter on CA creation (root generation and sign intermediate). [[GH-16739](https://github.com/hashicorp/vault/pull/16739)]
|
||||
|
||||
SECURITY:
|
||||
|
||||
* identity/entity: When entity aliases mapped to a single entity share the same alias name, but have different mount accessors, Vault can leak metadata between the aliases. This metadata leak may result in unexpected access if templated policies are using alias metadata for path names. [[HCSEC-2022-18](https://discuss.hashicorp.com/t/hcsec-2022-18-vault-entity-alias-metadata-may-leak-between-aliases-with-the-same-name-assigned-to-the-same-entity/44550)]
|
||||
|
||||
## 1.10.5
|
||||
### July 21, 2022
|
||||
|
|
@ -860,6 +868,10 @@ BUG FIXES:
|
|||
* ui: Fix OIDC callback to accept namespace flag in different formats [[GH-16886](https://github.com/hashicorp/vault/pull/16886)]
|
||||
* ui: Fix issue logging in with JWT auth method [[GH-16466](https://github.com/hashicorp/vault/pull/16466)]
|
||||
|
||||
SECURITY:
|
||||
|
||||
* identity/entity: When entity aliases mapped to a single entity share the same alias name, but have different mount accessors, Vault can leak metadata between the aliases. This metadata leak may result in unexpected access if templated policies are using alias metadata for path names. [[HCSEC-2022-18](https://discuss.hashicorp.com/t/hcsec-2022-18-vault-entity-alias-metadata-may-leak-between-aliases-with-the-same-name-assigned-to-the-same-entity/44550)]
|
||||
|
||||
## 1.9.8
|
||||
### July 21, 2022
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue