Skip to content

Commit 2efe5ad

Browse files
denyeartdenyeart
committed
Release commit for v1.5.12
Add release notes for v1.5.12. Signed-off-by: David Enyeart <enyeart@us.ibm.com>
1 parent 6bd223d commit 2efe5ad

File tree

3 files changed

+48
-2
lines changed

3 files changed

+48
-2
lines changed

Makefile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -32,7 +32,7 @@ PROJECT_NAME = fabric-ca
3232
GO_VER = 1.22.4
3333
UBUNTU_VER ?= 20.04
3434
DEBIAN_VER ?= stretch
35-
BASE_VERSION ?= v1.5.11
35+
BASE_VERSION ?= v1.5.12
3636

3737
ARCH=$(shell go env GOARCH)
3838
PLATFORM=$(shell go env GOOS)-$(shell go env GOARCH)

lib/metadata/version.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ const (
2929

3030
// Version specifies fabric-ca-client/fabric-ca-server version
3131
// It is defined by the Makefile and passed in with ldflags
32-
var Version = "1.5.11"
32+
var Version = "1.5.12"
3333

3434
// GetVersionInfo returns version information for the fabric-ca-client/fabric-ca-server
3535
func GetVersionInfo(prgName string) string {

release_notes/v1.5.12.md

Lines changed: 46 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,46 @@
1+
v1.5.12 Release Notes - June 18, 2024
2+
=====================================
3+
4+
v1.5.12 updates code dependencies.
5+
6+
7+
Dependencies
8+
------------
9+
10+
Fabric CA v1.5.12 has been tested with the following dependencies:
11+
- Go 1.22.4
12+
- Ubuntu 20.04 (for Docker images)
13+
- Databases
14+
- PostgreSQL 13
15+
- MySQL 8.0
16+
17+
18+
Changes, Known Issues, and Workarounds
19+
--------------------------------------
20+
21+
None.
22+
23+
Known Vulnerabilities
24+
---------------------
25+
- FABC-174 Commands can be manipulated to delete identities or affiliations
26+
27+
This vulnerability can be resolved in one of two ways:
28+
29+
1) Use HTTPS (TLS) so that the authorization header is not in clear text.
30+
31+
2) The token generation/authentication mechanism was improved to optionally prevent
32+
token reuse. As of v1.4 a more secure token can be used by setting environment variable:
33+
34+
FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3=false
35+
36+
However, it cannot be set to false until all clients have
37+
been updated to generate the more secure token and tolerate
38+
FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3=false.
39+
The Fabric CA client has been updated in v1.4 to generate the more secure token.
40+
The Fabric SDKs will be updated by v2.0 timeframe to generate the more secure token,
41+
at which time the default for Fabric CA server will change to:
42+
FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3=false
43+
44+
Resolved Vulnerabilities
45+
------------------------
46+
None.

0 commit comments

Comments
 (0)