Bug 2167456

Summary: vault: Lease IDs containing periods not revoked properly
Product: [Other] Security Response Reporter: Pedro Sampaio <psampaio>
Component: vulnerabilityAssignee: Nobody <nobody>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: amctagga, dfreiber, etamir, jburrell, jcantril, kaycoth, madam, muagarwa, nbecker, nobody, periklis, rogbas, tnielsen, vkumar
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: vault 0.11.3 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2167760    
Bug Blocks: 2167459    

Description Pedro Sampaio 2023-02-06 16:37:51 UTC 
A regression in Hashicorp Vault 0.11.2 (OSS) and 0.11.0 (Enterprise) caused lease IDs containing periods (.) to not be revoked properly. Upon startup when revocation is tried again these should now revoke successfully.

References:

https://github.com/hashicorp/vault/blob/main/CHANGELOG.md#0113-october-8th-2018