File tree Expand file tree Collapse file tree 3 files changed +48
-2
lines changed
Expand file tree Collapse file tree 3 files changed +48
-2
lines changed Original file line number Diff line number Diff line change @@ -32,7 +32,7 @@ PROJECT_NAME = fabric-ca
3232GO_VER = 1.23.1
3333UBUNTU_VER ?= 20.04
3434DEBIAN_VER ?= stretch
35- BASE_VERSION ?= v1.5.12
35+ BASE_VERSION ?= v1.5.13
3636
3737ARCH =$(shell go env GOARCH)
3838PLATFORM =$(shell go env GOOS) -$(shell go env GOARCH)
Original file line number Diff line number Diff line change @@ -29,7 +29,7 @@ const (
2929
3030// Version specifies fabric-ca-client/fabric-ca-server version
3131// It is defined by the Makefile and passed in with ldflags
32- var Version = "1.5.12 "
32+ var Version = "1.5.13 "
3333
3434// GetVersionInfo returns version information for the fabric-ca-client/fabric-ca-server
3535func GetVersionInfo (prgName string ) string {
Original file line number Diff line number Diff line change 1+ v1.5.13 Release Notes - September 20, 2024
2+ ==========================================
3+
4+ v1.5.13 updates code dependencies.
5+
6+
7+ Dependencies
8+ ------------
9+
10+ Fabric CA v1.5.13 has been tested with the following dependencies:
11+ - Go 1.23.1
12+ - Ubuntu 20.04 (for Docker images)
13+ - Databases
14+ - PostgreSQL 13
15+ - MySQL 8.0
16+
17+
18+ Changes, Known Issues, and Workarounds
19+ --------------------------------------
20+
21+ None.
22+
23+ Known Vulnerabilities
24+ ---------------------
25+ - FABC-174 Commands can be manipulated to delete identities or affiliations
26+
27+ This vulnerability can be resolved in one of two ways:
28+
29+ 1 ) Use HTTPS (TLS) so that the authorization header is not in clear text.
30+
31+ 2 ) The token generation/authentication mechanism was improved to optionally prevent
32+ token reuse. As of v1.4 a more secure token can be used by setting environment variable:
33+
34+ FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3=false
35+
36+ However, it cannot be set to false until all clients have
37+ been updated to generate the more secure token and tolerate
38+ FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3=false.
39+ The Fabric CA client has been updated in v1.4 to generate the more secure token.
40+ The Fabric SDKs will be updated by v2.0 timeframe to generate the more secure token,
41+ at which time the default for Fabric CA server will change to:
42+ FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3=false
43+
44+ Resolved Vulnerabilities
45+ ------------------------
46+ None.
You can’t perform that action at this time.
0 commit comments