From 5fb298c2b30c3db21d034ea9f89121c7c7528e09 Mon Sep 17 00:00:00 2001 From: David Enyeart Date: Sat, 6 Mar 2021 12:08:32 -0500 Subject: [PATCH] Fabric CA v1.5.0 release commit. Update Makefile for release. Update release notes. Signed-off-by: David Enyeart --- Makefile | 2 +- release_notes/v1.5.0.md | 54 ++++++++++++++++++++++++++++++++++------- 2 files changed, 46 insertions(+), 10 deletions(-) diff --git a/Makefile b/Makefile index b972ae6d8..928ff5740 100644 --- a/Makefile +++ b/Makefile @@ -32,7 +32,7 @@ PROJECT_NAME = fabric-ca ALPINE_VER ?= 3.13 DEBIAN_VER ?= stretch BASE_VERSION = 1.5.0 -IS_RELEASE = false +IS_RELEASE = true ARCH=$(shell go env GOARCH) MARCH=$(shell go env GOOS)-$(shell go env GOARCH) diff --git a/release_notes/v1.5.0.md b/release_notes/v1.5.0.md index f47aa8efe..bff1c776b 100644 --- a/release_notes/v1.5.0.md +++ b/release_notes/v1.5.0.md @@ -1,23 +1,59 @@ -v1.5.0 Release Notes - < Release date TBD > -=========================================== - -Fixes ------ +v1.5.0 Release Notes - March 9, 2021 +==================================== +All improvements and fixes as of Fabric CA v1.4.9 are included in Fabric CA v1.5.0. +Additionally, the following improvements and fixes are included in Fabric CA v1.5.0. -improvements +Improvements ------------ +**FABC-780: TLS v1.3 support** + +Add support for TLS v1.3 + **FABC-735: Docker images with Alpine Linux** Hyperledger Fabric CA Docker image will now use Alpine Linux, a security-oriented, lightweight Linux distribution. +**FABC-909: Check If database exists prior to creating** + +Prior to creating the Fabric CA database, first determine if it exists in MySQL and Postgres databases. +This change enables using a database user that does not have permission to create the database and assumes the database was previously created by an administrator. + + +Fixes +----- + +**FABC-902: Identities query for all types of an affiliation fails** + +Identities query for all types of an affiliation fails with a SQL error. +This fix passes the correct arguments to the query. + +**FABC-800: Enlarge PEM column for MySQL database from 4096 to 8192** + +In some scenarios enrollment may fail with error: +"Certificate signing failure: Failed to insert record into database: Error 1406: Data too long for column 'pem' at row 1". +This fix expands the database column from 4096 to 8192. + +**FABC-913: Set a primary key on users table for SQLite** + +When using SQLite, duplicate registration of the same ID could occur depending on timing. Subsequently the ID would not be usable. +This fix sets a primary key of id on users table for SQLite to prevent duplicate entries. + +**FABC-832: Certificate NotBefore date can not be before CA Cert NotBefore date** + +Enrollment certificate requests using a NotBefore date prior to the CA certificate NotBefore +date will now get reset to use the CA certificate's NotBefore date. + + Dependencies ------------ +Fabric CA v1.5.0 includes updated Go dependencies. + Fabric CA v1.5.0 has been tested with the following dependencies: -- Go 1.15.5 -- Fabric baseimage 0.4.22 +- Go 1.15.7 +- Alpine 3.13 (for Docker images) Changes, Known Issues, and Workarounds @@ -33,7 +69,7 @@ Known Vulnerabilities 1) Use HTTPS (TLS) so that the authorization header is not in clear text. 2) The token generation/authentication mechanism was improved to optionally prevent - token reuse. In v1.4 a more secure token can be used by setting environment variable: + token reuse. As of v1.4 a more secure token can be used by setting environment variable: FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3=false