github.com/bestbeforetoday/fabric-ca@v2.0.0-alpha+incompatible/release_notes/v2.0.0-alpha.txt

github.com/bestbeforetoday/fabric-ca@v2.0.0-alpha+incompatible/release_notes/v2.0.0-alpha.txt (about)

     1  v2.0.0-alpha Release Notes - April 9, 2019
     2  ------------------------------------------
     3  
     4  What's New in Hyperledger Fabric CA v2.0
     5  ----------------------------------------
     6  
     7  FABC-408 Add support for CORS
     8  CORS can be enabled in Fabric CA server using new server flags:
     9  --cors.enabled   Enable CORS for the fabric-ca-server
    10  --cors.origins   Comma-separated list of Access-Control-Allow-Origin domains
    11  
    12  FABC-735 - Docker images with Alpine Linux
    13  Hyperledger Fabric CA Docker image will now use Alpine Linux,
    14  a security-oriented, lightweight Linux distribution.
    15  
    16  FABC-782
    17  Fabric CA API operational metrics
    18  
    19  FABC-789
    20  Fabric CA database operations metrics
    21  
    22  FABC-743
    23  Fabric CA health check
    24  
    25  
    26  Changes, Known Issues, and Workarounds
    27  --------------------------------------
    28  
    29  FAB-11096 - Docker images with Alpine Linux
    30  Bash is no longer available in Fabric images. Utilize Alpine's built-in
    31  sh or ash instead.
    32  
    33  
    34  Known Vulnerabilities
    35  ---------------------
    36  FABC-174 Commands can be manipulated to delete identities or affiliations
    37  
    38  This vulnerability can be resolved in one of two ways:
    39  
    40  1) Use HTTPS (TLS) so that the authorization header is not in clear text.
    41  
    42  2) The token generation/authentication mechanism was improved to optionally prevent
    43  token reuse. In v1.4 a more secure token can be used by setting environment variable:
    44  
    45  FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3=false
    46  
    47  However, it cannot be set to false until all clients have
    48  been updated to generate the more secure token and tolerate
    49  FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3=false.
    50  The Fabric CA client has been updated in v1.4 to generate the more secure token.
    51  The Fabric SDKs will be updated by v2.0 timeframe to generate the more secure token,
    52  at which time the default for Fabric CA server will change to:
    53  FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3=false
    54  
    55  Resolved Vulnerabilities
    56  ------------------------
    57  None.
    58  
    59  
    60  Other improvements and fixes
    61  ----------------------------
    62  Updated to Go version 1.11.5
    63  Updated baseimage version to 0.4.15
    64  
    65  For the full list of improvements and fixes, refer to the release change log:
    66  https://github.com/hyperledger/fabric-ca/blob/master/CHANGELOG.md#v200-alpha