Release commit for Fabric CA v1.4.8

Add release notes v1.4.8. Signed-off-by: David Enyeart <enyeart@us.ibm.com>
hyperledger · Jul 31, 2020 · 7653f06 · 7653f06
1 parent 146b8be
commit 7653f06
Show file tree

Hide file tree

Showing 3 changed files with 75 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,15 @@
+## v1.4.8
+Thu Jul 30 20:04:06 EDT 2020
+
+* [c4ef033](https://github.com/hyperledger/fabric-ca/commit/c4ef033) Rel notes v1.4.8
+* [146b8be](https://github.com/hyperledger/fabric-ca/commit/146b8be) Bump Go to 1.13.12
+* [f8b233c](https://github.com/hyperledger/fabric-ca/commit/f8b233c) Move StartNonceSweeper out of NonceManager constructor (bp #181) (#182)
+* [b6aa376](https://github.com/hyperledger/fabric-ca/commit/b6aa376) [FABC-912] Remove label and pin from logs
+* [f96ceb9](https://github.com/hyperledger/fabric-ca/commit/f96ceb9) Fix the indentation in the NodeOU source code
+* [b10a159](https://github.com/hyperledger/fabric-ca/commit/b10a159) [FAB-17702](https://jira.hyperledger.org/browse/FAB-17702) Use a CA
+* [fcda8bb](https://github.com/hyperledger/fabric-ca/commit/fcda8bb) [FABC-829] Add hf.AffiliationMgr and hf.GenCRL attributes to migrated (#159)
+* [f9a3427](https://github.com/hyperledger/fabric-ca/commit/f9a3427) Prepare for Fabric CA v1.4.8
+
 ## v1.4.7
 Thu May 14 12:48:59 EDT 2020
 

diff --git a/Makefile b/Makefile
@@ -31,7 +31,7 @@
 PROJECT_NAME = fabric-ca
 BASE_VERSION = 1.4.8
 PREV_VERSION = 1.4.7
-IS_RELEASE = false
+IS_RELEASE = true
 
 ARCH=$(shell go env GOARCH)
 MARCH=$(shell go env GOOS)-$(shell go env GOARCH)

diff --git a/release_notes/v1.4.8.md b/release_notes/v1.4.8.md
@@ -0,0 +1,62 @@
+v1.4.8 Release Notes - July 31, 2020
+====================================
+
+Fixes
+-----
+
+**FABC-829: Newly introduced attributes should be given to admin users**
+
+Fabric CA version v1.1.0 added attributes `hf.AffiliationMgr` and `hf.GenCRL`, however
+these attributes have never been assigned to users. This fix provides registrar users
+(users with a `hf.Registrar.Roles` attribute) the `hf.AffiliationMgr` and `hf.GenCRL` attributes,
+so that the user has the corresponding permissions.
+
+**FABC-911: Suppress duplicate error messages**
+
+Unnecessary repeated error message "Failed to remove expired nonces from DB" is now suppressed.
+
+**FABC-911: Remove PKCS11 label and pin fields from Fabric CA debug**
+
+Remove PKCS11 sensitive label and pin information from Fabric CA debug logs.
+
+
+Dependency updates
+------------------
+- Bump Go to 1.13.12.
+- Bump Fabric baseimage to 0.4.21.
+
+
+Changes, Known Issues, and Workarounds
+--------------------------------------
+None.
+
+Known Vulnerabilities
+---------------------
+- FABC-174 Commands can be manipulated to delete identities or affiliations
+
+  This vulnerability can be resolved in one of two ways:
+
+  1) Use HTTPS (TLS) so that the authorization header is not in clear text.
+
+  2) The token generation/authentication mechanism was improved to optionally prevent
+  token reuse. In v1.4 a more secure token can be used by setting environment variable:
+
+  FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3=false
+
+  However, it cannot be set to false until all clients have
+  been updated to generate the more secure token and tolerate
+  FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3=false.
+  The Fabric CA client has been updated in v1.4 to generate the more secure token.
+  The Fabric SDKs will be updated by v2.0 timeframe to generate the more secure token,
+  at which time the default for Fabric CA server will change to:
+  FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3=false
+
+Resolved Vulnerabilities
+------------------------
+None.
+
+
+Change log
+----------
+For the full list of changes, refer to the release change log:
+https://github.com/hyperledger/fabric-ca/blob/release-1.4/CHANGELOG.md#v148