The NetBSD Project

CVS log for pkgsrc/security/vault/Makefile

[BACK] Up to [cvs.NetBSD.org] / pkgsrc / security / vault

Request diff between arbitrary revisions


Default branch: MAIN
Current tag: pkgsrc-2017Q2-base


Revision 1.13 / (download) - annotate - [select for diffs], Tue Jun 13 06:28:38 2017 UTC (23 months, 1 week ago) by fhajny
Branch: MAIN
CVS Tags: pkgsrc-2017Q2-base, pkgsrc-2017Q2
Changes since 1.12: +2 -2 lines
Diff to previous 1.12 (colored)

Update security/vault to 0.7.3.

## 0.7.3 (June 7th, 2017)

SECURITY:

- Cert auth backend now checks validity of individual certificates
- App-ID path salting was skipped in 0.7.1/0.7.2

DEPRECATIONS/CHANGES:

- Step-Down is Forwarded

FEATURES:

- ed25519 Signing/Verification in Transit with Key Derivation
- Key Version Specification for Encryption in Transit
- Replication Primary Discovery (Enterprise)

IMPROVEMENTS:

- api/health: Add Sys().Health()
- audit: Add auth information to requests that error out
- command/auth: Add `-no-store` option that prevents the auth command
  from storing the returned token into the configured token helper
- core/forwarding: Request forwarding now heartbeats to prevent unused
  connections from being terminated by firewalls or proxies
- plugins/databases: Add MongoDB as an internal database plugin
- storage/dynamodb: Add a method for checking the existence of
  children, speeding up deletion operations in the DynamoDB storage backend
- storage/mysql: Add max_parallel parameter to MySQL backend
- secret/databases: Support listing connections
- secret/databases: Support custom renewal statements in Postgres
  database plugin
- secret/databases: Use the role name as part of generated credentials
- ui (Enterprise): Transit key and secret browsing UI handle large
  lists better
- ui (Enterprise): root tokens are no longer persisted
- ui (Enterprise): support for mounting Database and TOTP secret
  backends

BUG FIXES:

- auth/app-id: Fix regression causing loading of salts to be skipped
- auth/aws: Improve EC2 describe instances performance
- auth/aws: Fix lookup of some instance profile ARNs
- auth/aws: Resolve ARNs to internal AWS IDs which makes lookup at
  various points (e.g. renewal time) more robust
- auth/aws: Properly honor configured period when using IAM
  authentication
- auth/aws: Check that a bound IAM principal is not empty (in the
  current state of the role) before requiring it match the previously
  authenticated client
- auth/cert: Fix panic on renewal
- auth/cert: Certificate verification for non-CA certs
- core/acl: Prevent race condition when compiling ACLs in some
  scenarios
- secret/database: Increase wrapping token TTL; in a loaded scenario
  it could be too short
- secret/generic: Allow integers to be set as the value of `ttl` field
  as the documentation claims is supported
- secret/ssh: Added host key callback to ssh client config
- storage/s3: Avoid a panic when some bad data is returned
- storage/dynamodb: Fix list functions working improperly on Windows
- storage/file: Don't leak file descriptors in some error cases
- storage/swift: Fix pre-v3 project/tenant name reading

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.




CVSweb <webmaster@jp.NetBSD.org>