v1.4.5 Release Notes - February 19, 2020

Fixes

FABC-806: Do not honor client expiry request

It was possible for the client to set the expiry for a certificate (due to
the embedded use of a cfssl type). With this change, the expiry will come
from the CA profile of the request or the default profile if no profile is
set or a matching profile cannot be found.
FABC-891: Create missing index on postgres db

Add a missing primary key index on users table for Postgres database.
Support reading Operations TLS settings from file

Previously, the unmarshal of server's configuration file
did not pull operations config in correctly. Operations
config for "operations.tls.cert.file" and "operations.tls.cert.key"
are now read correctly.

Changes, Known Issues, and Workarounds

None.

Known Vulnerabilities

FABC-174 Commands can be manipulated to delete identities or affiliations

This vulnerability can be resolved in one of two ways:
1. Use HTTPS (TLS) so that the authorization header is not in clear text.
2. The token generation/authentication mechanism was improved to optionally prevent
  token reuse. In v1.4 a more secure token can be used by setting environment variable:
FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3=false

However, it cannot be set to false until all clients have
been updated to generate the more secure token and tolerate
FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3=false.
The Fabric CA client has been updated in v1.4 to generate the more secure token.
The Fabric SDKs will be updated by v2.0 timeframe to generate the more secure token,
at which time the default for Fabric CA server will change to:
FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3=false

Resolved Vulnerabilities

None.

Change log

For the full list of changes, refer to the release change log:
https://github.com/hyperledger/fabric-ca/blob/release-1.4/CHANGELOG.md#v145

Changes:

3d18b03 Release fabric-ca v1.4.5 (#94)
93f6863 Support reading Operations TLS settings from file
a891cd1 [FABC-891] Create missing index on postgres db
e3fd520 [FABC-890] Fix responses in swagger.json
292781e FABC-806 Do not honor client expiry request
8a6a112 Merge pull request #69 from denyeart/d_preparev145
a3c0171 [FAB-17074] Prepare for next fabric-ca rel v1.4.5

This list of changes was auto generated.

v1.4.4 Release Notes - November 14, 2019

What's New in Hyperledger Fabric CA v1.4.4

FABC-881 Update all fabric-ca dependencies to make it work with go mod
FABC-884 Bump to Go v1.12.12 and baseimage 0.4.18

Fixes

FABC-865: Fix setting TLS files by cert/key.file - Make config settings
operations.tls.cert.file and operations.tls.key.file utilized.

Changes, Known Issues, and Workarounds

None.

Known Vulnerabilities

FABC-174 Commands can be manipulated to delete identities or affiliations

This vulnerability can be resolved in one of two ways:
1. Use HTTPS (TLS) so that the authorization header is not in clear text.
2. The token generation/authentication mechanism was improved to optionally prevent
  token reuse. In v1.4 a more secure token can be used by setting environment variable:
FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3=false

However, it cannot be set to false until all clients have
been updated to generate the more secure token and tolerate
FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3=false.
The Fabric CA client has been updated in v1.4 to generate the more secure token.
The Fabric SDKs will be updated by v2.0 timeframe to generate the more secure token,
at which time the default for Fabric CA server will change to:
FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3=false

Resolved Vulnerabilities

None.

Change log

For the full list of changes, refer to the release change log:
https://github.com/hyperledger/fabric-ca/blob/release-1.4/CHANGELOG.md#v144

Changes:

76f807c [FAB-17073] Release fabric-ca v1.4.4
5abd05e [FAB-17073] Release fabric-ca v1.4.4
7d0432e [FABCI-461] Create release job
7302172 [FABC-884] Upgrade to go 1.12
5ffb381 FABC-873 remove invalid test
e9b3492 [FABC-844] address vet issues
1559aa3 FABC-881 Use earlier revision of bccsp
3b8a5c7 FABC-881 Update vendored dependencies
64c7d52 [FABC-874] Add HSM changes to Fabric CA docs (#47)
c45a0f6 [FABC-865] Fix setting TLS files by cert/key.file (#42)

See More

cc34360 [FABC-880] Add license header to gencst_test.sh
63692a0 Update to baseimage 0.4.16
5b1faaa Fix URL to contribution guide
3db5423 [FABC-877] Reduce scope of tests with ssl off
eff05c9 [FABCI-420] Add sudo to apt-clean command
8a3698b [FAB-16489] Add CODEOWNERS
d84b685 [FABCI-420] Add AZP yaml for release-1.4
040d68d [FABC-863] Test fail with open pipe in temp dir
b7fd4e8 FAB-16415 Prepare for next fabric-ca rel (1.4.4)
4af7a27 Merge "[FAB-16414] Release fabric-ca v1.4.3" into release-1.4
639a8e0 [FABC-855] Doc Node OU Support for admins and orderers
55a322d [FAB-16414] Release fabric-ca v1.4.3
3e29f1a Remove hardcoded ver on multiarch script
c49e7d3 [FABCI-401] Disable AnsiColor Wrapper
64bdb20 [FABC-867] Fix GoImports
017cea8 FABC-862 Update mysql driver
c66adbe [FAB-16000] Prepare for next fabric-ca rel (1.4.3)
9321ffb [FAB-15999] Release fabric-ca v1.4.2
d3e9c35 Merge changes I544241e5,I2be9d152 into release-1.4
396c093 FABC-848 Fix TLS issue with PostgreSQL
f88e912 [FABC-853] Adding metrics table LabelHelp support
5bf5d47 [FABC-853] import fabric/gendoc for fabric-ca
477f5a2 FABC-837 Make metrics compatible with multi-root CA
4289522 Update fabric/bccsp and miekg/pkcs11 to latest revs
8b56ee8 [FABC-850] Fix Fabric CA doc wrt OU types
f32e113 FAB-15465: Update Jinja2
839c46e [FABC-842] Fabric CA Foc Fix
3004074 FABC-839 Update ca mutiarch publish script
3f449b5 [FAB-14969] Prepare for next fabric-ca rel (1.4.2)
3384a38 [FAB-14968] Release fabric-ca v1.4.1
98f702f Merge "FABC-833 Update Jenkinsfile" into release-1.4
a32dd3c FABC-408 Add CORS support
7de4c77 FABC-833 Update Jenkinsfile
39c5fd6 Merge "FABCI-311 Add ci pipeline script" into release-1.4
55f5eb7 Fix --csr.hosts flag for client and server
19441cc FAB-14775 Update fabric-ca to baseimage 0.4.15
edb6e08 FABCI-311 Add ci pipeline script
aaee55f [FABC-805] Wire DB metrics
197b881 [FABC-804] Create DB Metric Options
ea1ebbe [FABC-803] Refactoring DB code
3c36ab5 [FABC-795] Create a CA Server Health Check
8c245c1 [FABC-790] Create an operations server
8d9b622 [FABC-787] Wire in metrics for server APIs
08b1153 [FABC-786] Vendor go-kit
81fa829 [FABC-785] Add metrics for server APIs
ec59334 [FABC-783] Add middleware to HTTP router
edb65ba [FAB-14174] Update GOVER to 1.11.5 in CA
3dafa32 Remove tcert from swagger
d3ef594 [FAB-13558] Prepare fabric-ca for next rel (v1.4.1)
27fbd69 [FAB-13557] Release fabric-ca v1.4.0
cd6ed88 FABC-781 Remove fabric-ca sample
b191f9c [FAB-13393] Prepare for next release (1.4.0)
6d9eaea [FAB-13392] Release fabric-ca v1.4.0-rc2
236dec5 [FAB-13116] Prepare for next rel (1.4.0 on release-1.4)
ef74d7e Merge "[FAB-13115] Release fabric-ca v1.4.0-rc1"
b140ba8 Merge "[FABC-774] Fix inability to set environment variable"
45882f2 Merge "[FABC-773] Fix TOC format in user's guide"
e52b5cd [FAB-13115] Release fabric-ca v1.4.0-rc1
45c9934 Merge "[FABC-772] Added testcase for panic handling"
c1c2b72 [FABC-774] Fix inability to set environment variable
5b4c3e5 [FABC-773] Fix TOC format in user's guide
e682189 Merge "FABC-771 Update multiarch script"
604ab46 [FABC-772] Added testcase for panic handling
e20d7db Merge "[FABC-768] Doc: Better Markup"
4e4b1c2 FABC-771 Update multiarch script
e064dcc [FABC-769] Add the ability to recover from panic
a0ebc50 [FABC-765] Vendor fabric/bccsp/idemix
b2a3132 [FABC-768] Doc: Better Markup
b959937 Merge "[FABC-752] Vendor gomega and ginkgo"
93bf90f Merge "[FABC-767] Failing goimports"
8a8f1b3 [FABC-752] Vendor gomega and ginkgo
7b5f2b6 [FABC-767] Failing goimports
8c5bc35 [FABC-757] add charset to mysql tables
afa77f9 Merge "[FABC-748]Incorrect version description of Go"
2ebd68e [FABC-467] - Print TLS key used
6848469 Merge "[FAB-9938] Add req method and uri to sig payload"
fbac2aa Merge changes I30277c48,I47345396
d80509b [FABC-748]Incorrect version description of Go
99517e9 [FAB-9938] Add req method and uri to sig payload
b7a5590 [FABC-741] Update user doc for HSM configuration
b270271 [FABC-723] Brute force attack
a88ff53 [FAB-8475] Run migration logic only if db level is old
ebbd2ed [FAB-7347] Flag and env var for logging level
bd7f997 [FABC-744] Revendor certificate-transparency-go
787b98e Merge "[FABC-492] Superfluous checks for deleting identity"
3c1585b [FABC-4...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

v1.4.6 Release Notes - February 25, 2020

Fixes

Changes, Known Issues, and Workarounds

Known Vulnerabilities

Resolved Vulnerabilities

Change log

Changes:

v1.4.5 Release Notes - February 19, 2020

Fixes

Changes, Known Issues, and Workarounds

Known Vulnerabilities

Resolved Vulnerabilities

Change log

Changes:

v1.4.4 Release Notes - November 14, 2019

What's New in Hyperledger Fabric CA v1.4.4

Fixes

Changes, Known Issues, and Workarounds

Known Vulnerabilities

Resolved Vulnerabilities

Change log

Changes:

Releases: hyperledger/fabric-ca

v1.4.6

v1.4.6 Release Notes - February 25, 2020

Fixes

Changes, Known Issues, and Workarounds

Known Vulnerabilities

Resolved Vulnerabilities

Change log

Changes:

v1.4.5

v1.4.5 Release Notes - February 19, 2020

Fixes

Changes, Known Issues, and Workarounds

Known Vulnerabilities

Resolved Vulnerabilities

Change log

Changes:

v1.4.4

v1.4.4 Release Notes - November 14, 2019

What's New in Hyperledger Fabric CA v1.4.4

Fixes

Changes, Known Issues, and Workarounds

Known Vulnerabilities

Resolved Vulnerabilities

Change log

Changes:

v1.4.3 Release Notes - August 26, 2019

v1.4.2 Release Notes - July 17, 2019

v1.4.1 Release Notes - April 11, 2019

v2.0.0-alpha Release Notes - April 9, 2019

v1.4.0 Release Notes - January 9th, 2019

v1.3.0 Release Notes - October 10, 2018

v1.2.1 September 27, 2018