From 2efe5ad2df017d205bba45303387e9bbc82cf1b6 Mon Sep 17 00:00:00 2001
From: David Enyeart <enyeart@us.ibm.com>
Date: Tue, 18 Jun 2024 13:04:49 -0400
Subject: [PATCH] Release commit for v1.5.12

Add release notes for v1.5.12.

Signed-off-by: David Enyeart <enyeart@us.ibm.com>
---
 Makefile                 |  2 +-
 lib/metadata/version.go  |  2 +-
 release_notes/v1.5.12.md | 46 ++++++++++++++++++++++++++++++++++++++++
 3 files changed, 48 insertions(+), 2 deletions(-)
 create mode 100644 release_notes/v1.5.12.md

diff --git a/Makefile b/Makefile
index 3423887f..b3e17260 100644
--- a/Makefile
+++ b/Makefile
@@ -32,7 +32,7 @@ PROJECT_NAME = fabric-ca
 GO_VER = 1.22.4
 UBUNTU_VER ?= 20.04
 DEBIAN_VER ?= stretch
-BASE_VERSION ?= v1.5.11
+BASE_VERSION ?= v1.5.12
 
 ARCH=$(shell go env GOARCH)
 PLATFORM=$(shell go env GOOS)-$(shell go env GOARCH)
diff --git a/lib/metadata/version.go b/lib/metadata/version.go
index 4a75ebf3..7e29b060 100644
--- a/lib/metadata/version.go
+++ b/lib/metadata/version.go
@@ -29,7 +29,7 @@ const (
 
 // Version specifies fabric-ca-client/fabric-ca-server version
 // It is defined by the Makefile and passed in with ldflags
-var Version = "1.5.11"
+var Version = "1.5.12"
 
 // GetVersionInfo returns version information for the fabric-ca-client/fabric-ca-server
 func GetVersionInfo(prgName string) string {
diff --git a/release_notes/v1.5.12.md b/release_notes/v1.5.12.md
new file mode 100644
index 00000000..69b50a03
--- /dev/null
+++ b/release_notes/v1.5.12.md
@@ -0,0 +1,46 @@
+v1.5.12 Release Notes - June 18, 2024
+=====================================
+
+v1.5.12 updates code dependencies.
+
+
+Dependencies
+------------
+
+Fabric CA v1.5.12 has been tested with the following dependencies:
+- Go 1.22.4
+- Ubuntu 20.04 (for Docker images)
+- Databases
+    - PostgreSQL 13
+    - MySQL 8.0
+
+
+Changes, Known Issues, and Workarounds
+--------------------------------------
+
+None.
+
+Known Vulnerabilities
+---------------------
+- FABC-174 Commands can be manipulated to delete identities or affiliations
+
+  This vulnerability can be resolved in one of two ways:
+
+    1) Use HTTPS (TLS) so that the authorization header is not in clear text.
+
+    2) The token generation/authentication mechanism was improved to optionally prevent
+       token reuse. As of v1.4 a more secure token can be used by setting environment variable:
+
+  FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3=false
+
+  However, it cannot be set to false until all clients have
+  been updated to generate the more secure token and tolerate
+  FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3=false.
+  The Fabric CA client has been updated in v1.4 to generate the more secure token.
+  The Fabric SDKs will be updated by v2.0 timeframe to generate the more secure token,
+  at which time the default for Fabric CA server will change to:
+  FABRIC_CA_SERVER_COMPATIBILITY_MODE_V1_3=false
+
+Resolved Vulnerabilities
+------------------------
+None.