6.0.6

Added

• Collateral can be fetched from AMD servers directly on Genoa machines (#7054).

Fixed

• Addressed issues in read_ledger and ccf.ledger that could prevent old ledger from being read (#7056, #7057).

6.0.5

Fixed

• Nodes will now avoid re-parsing .committed files in the main directory if they have established a later commit point in the read_only directories. This should significantly reduce start-up time for nodes with large existing ledgers.
• Added support for validating Genoa attestations (#7051).

Changed

• Allow : within regex matched templated URL components again, while still terminating matched segments correctly (#7046).

Dependencies

• Updated didx509cpp to 0.11.0 (#7050).

6.0.4

Fixed

• CCF will no longer create in-progress snapshot files with a .committed suffix. It will only rename files to .committed when they are complete and ready for reading (#7029).

Changed

• Templated URL parsing will no longer allow : within regex matched components, since : is already used to delimit actions. Concretely, a call to GET .../state-digests/abcd:update should now correctly return a 404, rather than dispatching to GET .../state-digests/{memberId} and returning No ACK record exists for member m[abcd:update].

5.0.18

Fixed

• CCF will no longer create in-progress snapshot files with a .committed suffix. It will only rename files to .committed when they are complete and ready for reading (#7029).

6.0.3

Changed

• Added ccf::pal::verify_uvm_endorsements_descriptor(), which verifies endorsements for a UVM measurement, and returns a descriptor capturing a did, feed, svn triplet that can be used for authorization.
• SymCrypt backend pinning reverted after 1.8.0 memleak got fixed (#7016).

5.0.17

Dependencies

• Updated Open Enclave from 0.19.8 to 0.19.11 (#7024).

6.0.2

Changed

• SymCrypt backend is pinned to 1.7.0 until microsoft/SymCrypt-OpenSSL#115 gets shipped (#6995).
• Disaster recovery process is now robust to services which have sealed the same secret multiple times (#6999).

5.0.16

Fixed

• Disaster recovery process is now robust to services which have sealed the same secret multiple times (#6999).

6.0.1

Fixed

• Fixed potential stack corruption that could occur on SNP builds at node startup (#6967).

5.0.15

Fixed

• Improved locking in indexing system, to remove race conditions which were possible when accessing historical state (#6886).
• Fixed a bug which could produce an invalid secret chain (containing duplicate ledger secret sealing entries) in the ledger if an election occurred during private recovery (#6926). Comes with #6912 as a prerequisite.