From 6289cf665cbd151510a6fb71e41b62f5260955d9 Mon Sep 17 00:00:00 2001
From: Abhishek Sahu <abhishek.sahu@hashicorp.com>
Date: Wed, 22 Jan 2025 17:54:40 +0530
Subject: [PATCH 1/2] chore: Updated changelog for 1.20.2 (#22094)

---
 CHANGELOG.md | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 8b06bb2561..fa3e4a17f3 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,18 @@
+## 1.20.2 (December 26, 2024)
+SECURITY:
+* Removed ability to use bexpr to filter results without ACL read on endpoint [[GH-21950](https://github.com/hashicorp/consul/issues/21950)]
+* Resolved issue where hcl would allow duplicates of the same key in acl policy configuration. [[GH-21908](https://github.com/hashicorp/consul/issues/21908)]
+* Update `github.com/golang-jwt/jwt/v4` to v4.5.1 to address [GHSA-29wx-vh33-7x7r](https://github.com/golang-jwt/jwt/security/advisories/GHSA-29wx-vh33-7x7r). [[GH-21951](https://github.com/hashicorp/consul/issues/21951)]
+* Update `golang.org/x/crypto` to v0.31.0 to address [GO-2024-3321](https://pkg.go.dev/vuln/GO-2024-3321). [[GH-22001](https://github.com/hashicorp/consul/issues/22001)]
+* Update `golang.org/x/net` to v0.33.0 to address [GO-2024-3333](https://pkg.go.dev/vuln/GO-2024-3333). [[GH-22021](https://github.com/hashicorp/consul/issues/22021)]
+* Update `registry.access.redhat.com/ubi9-minimal` image to 9.5 to address [CVE-2024-3596](https://nvd.nist.gov/vuln/detail/CVE-2024-3596),[CVE-2024-2511](https://nvd.nist.gov/vuln/detail/CVE-2024-2511),[CVE-2024-26458](https://nvd.nist.gov/vuln/detail/CVE-2024-26458). [[GH-22011](https://github.com/hashicorp/consul/issues/22011)]
+* api: Enforces strict content-type header validation to protect against XSS vulnerability. [[GH-21930](https://github.com/hashicorp/consul/issues/21930)]
+  FEATURES:
+* docs: added the docs for the grafana dashboards [[GH-21795](https://github.com/hashicorp/consul/issues/21795)]
+  BUG FIXES:
+* proxycfg: fix a bug where peered upstreams watches are canceled even when another target needs it. [[GH-21871](https://github.com/hashicorp/consul/issues/21871)]
+* state: ensure that identical manual virtual IP updates result in not bumping the modify indexes [[GH-21909](https://github.com/hashicorp/consul/issues/21909)]
+
 ## 1.20.1 (October 29, 2024)
 BREAKING CHANGES:
 

From a48420f7ba3213a358247c2ea5fd69f3c56fe8a1 Mon Sep 17 00:00:00 2001
From: Abhishek Sahu <abhishek.sahu@hashicorp.com>
Date: Thu, 23 Jan 2025 10:07:35 +0530
Subject: [PATCH 2/2] Bump VERSION for 1.20.x (#22099)

Update VERSION
---
 version/VERSION | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/version/VERSION b/version/VERSION
index 558dbb08f9..03d6f0b2bc 100644
--- a/version/VERSION
+++ b/version/VERSION
@@ -1 +1 @@
-1.20.2-dev
+1.20.3-dev