Updates for 1.5.1, 1.4.4, 1.3.8, and 1.2.5

CHANGELOG.md

@@ -13,6 +13,14 @@ BUG FIXES:
 * secrets/database: Fix handling of TLS options in mongodb connection strings [[GH-9519](https://github.com/hashicorp/vault/pull/9519)]
 * secrets/gcp: Ensure that the IAM policy version is appropriately set after a roleset's bindings have changed. [[GH-93](https://github.com/hashicorp/vault-plugin-secrets-gcp/pull/93)]
 
+## 1.5.2
+### August 20th, 2020
+
+NOTE:
+
+OSS binaries of 1.5.1, 1.4.4, 1.3.8, and 1.2.5 were built without the Vault UI. Enterprise binaries are not affected.
+
+
 ## 1.5.1
 ### August 20th, 2020
 
@@ -22,6 +30,10 @@ SECURITY:
 * When using the GCP GCE Auth Method, under certain circumstances, values Vault uses to validate GCE VMs can be manipulated and bypassed. This vulnerability affects Vault and Vault Enterprise 0.8.3 and newer and is fixed in 1.2.5, 1.3.8, 1.4.4, and 1.5.1 (CVE-2020-16251)
 * When using Vault Agent with cert auto-auth and caching enabled, under certain circumstances, clients without permission to access agent's token may retrieve the token without login credentials. This vulnerability affects Vault Agent 1.1.0 and newer and is fixed in 1.5.1 (CVE-2020-17455)
 
+KNOWN ISSUES:
+
+* OSS binaries of 1.5.1, 1.4.4, 1.3.8, and 1.2.5 were built without the Vault UI. Enterprise binaries are not affected.
+
 CHANGES:
 
 * pki: The tidy operation will now remove revoked certificates if the parameter `tidy_revoked_certs` is set to `true`. This will result in certificate entries being immediately removed, as opposed to awaiting until its NotAfter time. Note that this only affects certificates that have been already revoked. [[GH-9609](https://github.com/hashicorp/vault/pull/9609)]
@@ -127,6 +139,13 @@ BUG FIXES:
 * ui: Disallow max versions value of large than 9999999999999999 on kv2 secrets engine. [[GH-9242](https://github.com/hashicorp/vault/pull/9242)]
 * ui: Add and upgrade missing dependencies to resolve a failure with `make static-dist`. [[GH-9277](https://github.com/hashicorp/vault/pull/9371)]
 
+## 1.4.5
+### August 20th, 2020
+
+NOTE:
+
+OSS binaries of 1.5.1, 1.4.4, 1.3.8, and 1.2.5 were built without the Vault UI. Enterprise binaries are not affected.
+
 ## 1.4.4
 ### August 20th, 2020
 
@@ -135,6 +154,10 @@ SECURITY:
 * When using the IAM AWS Auth Method, under certain circumstances, values Vault uses to validate identities and roles can be manipulated and bypassed. This vulnerability affects Vault and Vault Enterprise 0.7.1 and newer and is fixed in 1.2.5, 1.3.8, 1.4.4, and 1.5.1 (CVE-2020-16250)
 * When using the GCP GCE Auth Method, under certain circumstances, values Vault uses to validate GCE VMs can be manipulated and bypassed. This vulnerability affects Vault and Vault Enterprise 0.8.3 and newer and is fixed in 1.2.5, 1.3.8, 1.4.4, and 1.5.1 (CVE-2020-16251)
 
+KNOWN ISSUES:
+
+* OSS binaries of 1.5.1, 1.4.4, 1.3.8, and 1.2.5 were built without the Vault UI. Enterprise binaries are not affected.
+
 BUG FIXES:
 
 * auth/okta: fix bug introduced in 1.4.0: only 200 external groups were fetched even if user belonged to more [[GH-9580](https://github.com/hashicorp/vault/pull/9580)]
@@ -356,14 +379,25 @@ BUG FIXES:
 * ui: Update CLI to accept empty strings as param value to reset previously-set values
 * ui: Fix bug where error states don't clear when moving between action tabs on Transit [[GH-8354](https://github.com/hashicorp/vault/pull/8354)]
 
+## 1.3.9
+### August 20th, 2020
+
+NOTE:
+
+OSS binaries of 1.5.1, 1.4.4, 1.3.8, and 1.2.5 were built without the Vault UI. Enterprise binaries are not affected.
+
 ## 1.3.8
-### August 20th, 2002
+### August 20th, 2020
 
 SECURITY:
 
 * When using the IAM AWS Auth Method, under certain circumstances, values Vault uses to validate identities and roles can be manipulated and bypassed. This vulnerability affects Vault and Vault Enterprise 0.7.1 and newer and is fixed in 1.2.5, 1.3.8, 1.4.4, and 1.5.1 (CVE-2020-16250)
 * When using the GCP GCE Auth Method, under certain circumstances, values Vault uses to validate GCE VMs can be manipulated and bypassed. This vulnerability affects Vault and Vault Enterprise 0.8.3 and newer and is fixed in 1.2.5, 1.3.8, 1.4.4, and 1.5.1 (CVE-2020-16251)
 
+KNOWN ISSUES:
+
+* OSS binaries of 1.5.1, 1.4.4, 1.3.8, and 1.2.5 were built without the Vault UI. Enterprise binaries are not affected.
+
 ## 1.3.7
 ### July 2nd, 2020
 
@@ -660,13 +694,24 @@ BUG FIXES:
  * ui: show all active kv v2 secret versions even when `delete_version_after` is configured [[GH-7685](https://github.com/hashicorp/vault/pull/7685)]
  * ui: Ensure that items in the top navigation link to pages that users have access to [[GH-7590](https://github.com/hashicorp/vault/pull/7590)]
 
+## 1.2.6
+### August 20th, 2020
+
+NOTE:
+
+OSS binaries of 1.5.1, 1.4.4, 1.3.8, and 1.2.5 were built without the Vault UI. Enterprise binaries are not affected.
+
 ## 1.2.5
 ### August 20th, 2020
 
 SECURITY:
 
-* When using the IAM AWS Auth Method, under certain circumstances, values Vault uses to validate identities and roles can be manipulated and bypassed. This vulnerability affects Vault and Vault Enterprise 0.7.1 and newer and is fixed in 1.2.5, 1.3.8, 1.4.4, and 1.5.1 (CVE-2020-16250)
-* When using the GCP GCE Auth Method, under certain circumstances, values Vault uses to validate GCE VMs can be manipulated and bypassed. This vulnerability affects Vault and Vault Enterprise 0.8.3 and newer and is fixed in 1.2.5, 1.3.8, 1.4.4, and 1.5.1 (CVE-2020-16251)
+ * When using the IAM AWS Auth Method, under certain circumstances, values Vault uses to validate identities and roles can be manipulated and bypassed. This vulnerability affects Vault and Vault Enterprise 0.7.1 and newer and is fixed in 1.2.5, 1.3.8, 1.4.4, and 1.5.1 (CVE-2020-16250)
+ * When using the GCP GCE Auth Method, under certain circumstances, values Vault uses to validate GCE VMs can be manipulated and bypassed. This vulnerability affects Vault and Vault Enterprise 0.8.3 and newer and is fixed in 1.2.5, 1.3.8, 1.4.4, and 1.5.1 (CVE-2020-16251)
+
+KNOWN ISSUES:
+
+ * OSS binaries of 1.5.1, 1.4.4, 1.3.8, and 1.2.5 were built without the Vault UI. Enterprise binaries are not affected.
 
 ## 1.2.4 (November 7th, 2019)
 

website/data/docs-navigation.js

@@ -380,14 +380,19 @@ export default [
       'upgrade-to-1.2.0',
       'upgrade-to-1.2.1',
       'upgrade-to-1.2.4',
+      'upgrade-to-1.2.5',
+      'upgrade-to-1.3.8',
       'upgrade-to-1.3.0',
       'upgrade-to-1.3.2',
       'upgrade-to-1.3.3',
       'upgrade-to-1.3.4',
       'upgrade-to-1.3.5',
+      'upgrade-to-1.3.8',
       'upgrade-to-1.4.0',
       'upgrade-to-1.4.1',
+      'upgrade-to-1.4.4',
       'upgrade-to-1.5.0',
+      'upgrade-to-1.5.1',
     ],
   },
   '----------------',

website/data/version.js

@@ -1,3 +1,3 @@
-export const VERSION = '1.5.0'
+export const VERSION = '1.5.2'
 export const CHANGELOG_URL =
-  'https://github.com/hashicorp/vault/blob/master/CHANGELOG.md#150'
+  'https://github.com/hashicorp/vault/blob/master/CHANGELOG.md#152'

website/pages/docs/upgrading/upgrade-to-1.2.5.mdx

@@ -0,0 +1,19 @@
+---
+layout: docs
+page_title: Upgrading to Vault 1.2.5 - Guides
+sidebar_title: Upgrade to 1.2.5
+description: |-
+  This page contains the list of deprecations and important or breaking changes
+  for Vault 1.2.5. Please read it carefully.
+---
+
+# Overview
+
+This page contains the list of deprecations and important or breaking changes
+for Vault 1.2.5 compared to 1.2.4. Please read it carefully.
+
+## Known Issues
+
+Due to the known issues, we recommend skipping 1.2.5 and upgrading directly to 1.2.6.
+
+@include 'partials/builds-without-ui.mdx'

website/pages/docs/upgrading/upgrade-to-1.3.8.mdx

@@ -0,0 +1,19 @@
+---
+layout: docs
+page_title: Upgrading to Vault 1.3.8 - Guides
+sidebar_title: Upgrade to 1.3.8
+description: |-
+  This page contains the list of deprecations and important or breaking changes
+  for Vault 1.3.8. Please read it carefully.
+---
+
+# Overview
+
+This page contains the list of deprecations and important or breaking changes
+for Vault 1.3.8 compared to 1.3.7. Please read it carefully.
+
+## Known Issues
+
+Due to the known issues, we recommend skipping 1.3.8 and upgrading directly to 1.3.9.
+
+@include 'partials/builds-without-ui.mdx'

website/pages/docs/upgrading/upgrade-to-1.4.4.mdx

@@ -0,0 +1,19 @@
+---
+layout: docs
+page_title: Upgrading to Vault 1.4.4 - Guides
+sidebar_title: Upgrade to 1.4.4
+description: |-
+  This page contains the list of deprecations and important or breaking changes
+  for Vault 1.4.4. Please read it carefully.
+---
+
+# Overview
+
+This page contains the list of deprecations and important or breaking changes
+for Vault 1.4.4 compared to 1.4.3. Please read it carefully.
+
+## Known Issues
+
+Due to the known issues, we recommend skipping 1.4.4 and upgrading directly to 1.4.5.
+
+@include 'partials/builds-without-ui.mdx'

website/pages/docs/upgrading/upgrade-to-1.5.1.mdx

@@ -0,0 +1,19 @@
+---
+layout: docs
+page_title: Upgrading to Vault 1.5.1 - Guides
+sidebar_title: Upgrade to 1.5.1
+description: |-
+  This page contains the list of deprecations and important or breaking changes
+  for Vault 1.5.1. Please read it carefully.
+---
+
+# Overview
+
+This page contains the list of deprecations and important or breaking changes
+for Vault 1.5.1 compared to 1.5.0. Please read it carefully.
+
+## Known Issues
+
+Due to the known issues, we recommend skipping 1.5.1 and upgrading directly to 1.5.2.
+
+@include 'partials/builds-without-ui.mdx'

website/pages/partials/builds-without-ui.mdx

@@ -0,0 +1,4 @@
+### OSS Binaries Lacking Vault UI
+
+OSS binaries of Vault 1.5.1, 1.4.4, 1.3.8, and 1.2.5 were built without the
+Vault UI. Enterprise binaries are not affected.