Releases: Consensys/tessera
Tessera 22.1.3
- dependency updates
- dependency check plugin
- h2database 2.1.212
- SNI flag config option
tessera-dist-22.1.3.tar
enclave-jaxrs-22.1.3.tar
azure-key-vault-22.1.3.tar
aws-key-vault-22.1.3.tar
hashicorp-key-vault-22.1.3.tar
Docker Images
Tessera 22.1.2
Some changes to docker images:
- wget and nc in docker images
- all docker images now based on debian
- this provides arm64 support in addition to amd64
- If you use the Tessera image without installing packages, this is a non breaking change.
- Note this will affect you only if you are installing packages to the Tessera image via apk in which case you now need to use apt.
- eg if you are using
apk add vimthis would change toapt add vim
tessera-dist-22.1.2.tar
enclave-jaxrs-22.1.2.tar
azure-key-vault-22.1.2.tar
aws-key-vault-22.1.2.tar
hashicorp-key-vault-22.1.2.tar
Docker Images
Tessera 22.1.1
This is a minor release to update dependencies including
- jackson 2.13.2
- jackson-databind 2.13.2.2
Security
- Fix CVE-2020-36518 -- #1410 #1439
tessera-dist-22.1.1.tar
enclave-jaxrs-22.1.1.tar
azure-key-vault-22.1.1.tar
aws-key-vault-22.1.1.tar
hashicorp-key-vault-22.1.1.tar
Docker Images
Tessera-22.1.0
This is a minor release to introduce CBOR payload encoding as additional/strategic option and fix security vulnerabilities.
Note: This release has a breakable change #1347 which need altering DB using alter script provided. For users running Tessera with default DB (H2), a complete database migration is required to fix CVE-2021-23463. Please refer to readme for further instructions.
Features & Enhancements
- Introduce CBOR payload encoder #1347
- Add
--config-fileoption as an alias for config file #1346 - Upgrade dependencies #1361 #1362 #1363
- Update(Alter) DDLs to add payload_codec column #1376
- Remove codec not null constraint #1380
Security
- Fix CVE-2021-23463 -- #1365 #1370
- Fix CVE-2021-42392 -- #1378
- Fix CVE-2021-42550 -- #1379
tessera-dist-22.1.0.tar
enclave-jaxrs-22.1.0.tar
azure-key-vault-22.1.0.tar
aws-key-vault-22.1.0.tar
hashicorp-key-vault-22.1.0.tar
Docker Images
Tessera-21.7.3
Maintenance release to update logback version as precautionary measure from Tessera in light of LOGBACK-1591.
tessera-dist-21.7.3.tar
enclave-jaxrs-21.7.3.tar
azure-key-vault-21.7.3.tar
aws-key-vault-21.7.3.tar
hashicorp-key-vault-21.7.3.tar
Docker Images
Tessera-21.10.0
This release introduces new feature called Mandatory Recipients. This feature allows a central or governing party to have the full private state of defined contracts.
Features & Enhancements
- Add support for mandatory recipients #1325 #1328 #1329
- Add Data Definition Languages (DDLs) and validation for staging tables #1334
- Move DB validation from upcheck to launcher resource #1333
Security
- Migrate from Javax to Jakarta Expression Language due to CVE-2021-28170 advisory #1330
tessera-dist-21.10.0.tar
enclave-jaxrs-21.10.0.tar
azure-key-vault-21.10.0.tar
aws-key-vault-21.10.0.tar
hashicorp-key-vault-21.10.0.tar
Docker Images
Tessera-21.7.2
This is a maintenance release.
Fixes & Cleanup
- Metrics formatting: preserve trailing whitespace #1320
- Resolve CVE-2021-34429 & re-enable slack notifications #1321
- Fix jasypt encryption bug #1322
tessera-dist-21.7.2.tar
enclave-jaxrs-21.7.2.tar
azure-key-vault-21.7.2.tar
aws-key-vault-21.7.2.tar
hashicorp-key-vault-21.7.2.tar
Docker Images
Tessera-21.7.1
This is a maintenance release.
Fixes
- Fix '/metrics' endpoint for monitoring requirements #1316
tessera-dist-21.7.1.tar
enclave-jaxrs-21.7.1.tar
azure-key-vault-21.7.1.tar
aws-key-vault-21.7.1.tar
hashicorp-key-vault-21.7.1.tar
Tessera-21.7.0
This is a major maintenance release introducing various refactoring to enhance the quality of the Tessera codebase and distribution.
This release brings no functional enhancements.
The upgrade includes (for a full list refer #1292):
- Replace shaded
.jardistribution withzip/tardistribution (for help using the newzip/tardistributions refer to the docs) - Replace Maven with Gradle for build/release management
- Migrate to Java Jigsaw / Java 9 Platform Module Services (JPMS)
- Remove spring dependency for core Tessera processing
- Remove tech debt (deprecated configuration e.g. config/server and config/unixfile)
Enhancements
Fixes
- Update DDLs #1298
Documentation
Other
- We now publish distinct Docker images for core Tessera distribution and for each specific integrated key vault distribution (AWS / Azure / Hashicorp)
tessera-dist-21.7.0.tar
enclave-jaxrs-21.7.0.tar
azure-key-vault-21.7.0.tar
aws-key-vault-21.7.0.tar
hashicorp-key-vault-21.7.0.tar
Tessera-21.4.1
This is a maintenance release.
Security
- Upgrade hibernate validator due to CVE-2020-10693 advisory #1286
Fixes & Tech Debt Cleanup
- Check dependencies before release #1287
tessera-app-21.4.1-app.jar
tessera-simple-21.4.1-app.jar
data-migration-21.4.1-cli.jar
config-migration-21.4.1-cli.jar
enclave-jaxrs-21.4.1-server.jar
azure-key-vault-21.4.1-all.jar
hashicorp-key-vault-21.4.1-all.jar
aws-key-vault-21.4.1-all.jar