Add release notes for v1.12.15, v1.15.5, v1.16.3

content/docs/contributing/release-process.md

@@ -249,7 +249,7 @@ page if a step is missing or if it is outdated.
       ```
 
    4. (**final + patch release of the latest minor version**) Bump the latest
-      cert-manager version variable in the `variables.json` file.
+      cert-manager version variable in the `content/docs/variables.json` file.
 
       ```diff
       -"cert_manager_latest_version": "v1.14.2",

content/docs/releases/release-notes/release-notes-1.12.md

@@ -217,6 +217,16 @@ time and resources towards the continued maintenance of cert-manager projects. V
 cert-manager 1.12 as a long term support release, meaning it will be maintained for much longer
 than other releases to provide a stable platform for enterprises to build upon.
 
+## `v1.12.15`
+
+cert-manager `v1.12.15` contains simple dependency bumps to address reported CVEs (`CVE-2024-45337` and `CVE-2024-45338`).
+
+We don't believe that cert-manager is actually vulnerable; this release is instead intended to satisfy vulnerability scanners.
+
+### Bug Fixes
+
+- Bump `golang.org/x/net` and `golang.org/x/crypto` to address `CVE-2024-45337` and `CVE-2024-45338` ([#7497](https://github.com/cert-manager/cert-manager/pull/7497), [@wallrj](https://github.com/wallrj))
+
 ## `v1.12.14`
 
 This patch release makes [several changes](https://github.com/cert-manager/cert-manager/pull/7403) to how PEM input is validated in
@@ -234,7 +244,7 @@ Further details are in the [security advisory](https://github.com/cert-manager/c
 This patch release also fixes [an issue](https://github.com/golang-jwt/jwt/security/advisories/GHSA-29wx-vh33-7x7r) reported by Trivy,
 although that issue is low severity and is not expected to be relevant to cert-manager.
 
-## Bug Fixes
+### Bug Fixes
 
 - Set a maximum size for PEM inputs which cert-manager will accept to remove possibility of taking a long time to process an input ([#7403](https://github.com/cert-manager/cert-manager/pull/7403), [@SgtCoDFish](https://github.com/SgtCoDFish))
 - Fix `CVE-2024-5174` in `github.com/golang-jwt/jwt/v4` ([#7407](https://github.com/cert-manager/cert-manager/pull/7407), [@SgtCoDFish](https://github.com/SgtCoDFish))
@@ -259,7 +269,7 @@ This patch release fixes the following vulnerabilities:
 > Those newer minor versions of the Kubernetes modules pulled in new transitive dependencies,
 > and incremented the minimum Go version from `1.20` to `1.21`.
 
-### Bugfixes
+### Bug Fixes
 
 - Bump the `go-retryablehttp` dependency to fix `CVE-2024-6104` ([#7128](https://github.com/cert-manager/cert-manager/pull/7128), [@SgtCoDFish](https://github.com/SgtCoDFish))
 - Updated Helm dependency to resolve `CVE-2024-25620` and `CVE-2024-26147` and Docker dependency to resolve `CVE-2024-41110` ([#7214](https://github.com/cert-manager/cert-manager/pull/7214), [@ThatsMrTalbot](https://github.com/ThatsMrTalbot))
@@ -343,7 +353,7 @@ This patch release fixes the following vulnerabilities:
 
 ## `v1.12.12`
 
-### Bugfixes
+### Bug Fixes
 
 - BUGFIX: fix issue that caused Vault issuer to not retry signing when an error was encountered. ([#7113](https://github.com/cert-manager/cert-manager/pull/7113), [@cert-manager-bot](https://github.com/cert-manager-bot))
 

content/docs/releases/release-notes/release-notes-1.15.md

@@ -33,6 +33,20 @@ Thanks also to the CNCF, which provides resources and support, and to the AWS op
 
 In addition, massive thanks to Venafi for contributing developer time and resources towards the continued maintenance of cert-manager projects.
 
+## `v1.15.5`
+
+cert-manager `v1.15.5` is a simple dependency bump update, addressing reported CVEs (`CVE-2024-45337` and `CVE-2024-45338`).
+
+We don't believe that cert-manager is actually vulnerable; this release is instead intended to satisfy vulnerability scanners.
+
+### Bug Fixes
+
+- Bump `golang.org/x/net` and `golang.org/x/crypto` to address `CVE-2024-45337` and `CVE-2024-45338` ([#7496](https://github.com/cert-manager/cert-manager/pull/7496), [@wallrj](https://github.com/wallrj))
+
+### Other
+
+- Bump to go 1.22.10 ([#7507](https://github.com/cert-manager/cert-manager/pull/7507), [@SgtCoDFish](https://github.com/SgtCoDFish))
+
 ## `v1.15.4`
 
 This patch release makes [several changes](https://github.com/cert-manager/cert-manager/pull/7402) to how PEM input is validated in

content/docs/releases/release-notes/release-notes-1.16.md

@@ -195,6 +195,7 @@ Read [cert-manager issue 6753](https://github.com/cert-manager/cert-manager/issu
 ## Community
 
 Thanks to all our open-source contributors with commits in this release, including:
+
 [`@Guitarkalle`](https://github.com/Guitarkalle),
 [`@Jasper-Ben`](https://github.com/Jasper-Ben),
 [`@aidy`](https://github.com/aidy),
@@ -210,6 +211,7 @@ Thanks to all our open-source contributors with commits in this release, includi
 [`@sankalp-at-gh`](https://github.com/sankalp-at-gh).
 
 Thanks also to the following cert-manager maintainers for their contributions during this release:
+
 [`@SgtCoDFish`](https://github.com/SgtCoDFish),
 [`@ThatsMrTalbot`](https://github.com/ThatsMrTalbot),
 [`@inteon`](https://github.com/inteon),
@@ -221,6 +223,24 @@ Thanks also to the CNCF, which provides resources and support, and to the AWS op
 
 In addition, massive thanks to Venafi for contributing developer time and resources towards the continued maintenance of cert-manager projects.
 
+## `v1.16.3`
+
+cert-manager `v1.16.3` is a patch release mainly focused around bumping dependencies to address reported CVEs: `CVE-2024-45337` and `CVE-2024-45338`.
+
+We don't believe that cert-manager is actually vulnerable; this release is instead intended to satisfy vulnerability scanners.
+
+It also includes a bug fix to the new `renewBeforePercentage` field. If you were using `renewBeforePercentage`, see [PR #7421](https://github.com/cert-manager/cert-manager/pull/7421) for more information.
+
+### Bug Fixes
+
+- Bump `golang.org/x/net` and `golang.org/x/crypto` to address `CVE-2024-45337` and `CVE-2024-45338` ([#7485](https://github.com/cert-manager/cert-manager/pull/7485), [@erikgb](https://github.com/erikgb))
+- Fix the behavior of `renewBeforePercentage` to comply with its spec ([#7441](https://github.com/cert-manager/cert-manager/pull/7441), [@cert-manager-bot](https://github.com/cert-manager-bot))
+
+### Other
+
+- Bump go to 1.23.4 ([#7489](https://github.com/cert-manager/cert-manager/pull/7489), [@erikgb](https://github.com/erikgb))
+- Bump base images to latest available ([#7508](https://github.com/cert-manager/cert-manager/pull/7508), [@SgtCoDFish](https://github.com/SgtCoDFish))
+
 ## `v1.16.2`
 
 This patch release makes [several changes](https://github.com/cert-manager/cert-manager/pull/7401) to how PEM input is validated in
@@ -241,7 +261,7 @@ In addition, the version of Go used to build cert-manager 1.16 was updated along
 
 - Set a maximum size for PEM inputs which cert-manager will accept to remove possibility of taking a long time to process an input ([#7401](https://github.com/cert-manager/cert-manager/pull/7401), @SgtCoDFish)
 
-#### Other (Cleanup or Flake)
+### Other (Cleanup or Flake)
 
 - Bump go to 1.23.3 and bump base images to latest available ([#7431](https://github.com/cert-manager/cert-manager/pull/7431), @SgtCoDFish)
 
@@ -251,7 +271,7 @@ cert-manager `v1.16.1` contains some fixes to Helm value schema validation, as w
 
 Changes since `v1.16.0`.
 
-### Bug or Regression
+### Bug Fixes
 
 - BUGFIX: Helm schema validation: the new schema validation was too strict for the "global" section. Since the global section is shared across all charts and sub-charts, we must also allow unknown fields. ([#7348](https://github.com/cert-manager/cert-manager/pull/7348), [`@inteon`](https://github.com/inteon))
 - BUGFIX: Helm will now accept percentages for the `podDisruptionBudget.minAvailable` and `podDisruptionBudget.maxAvailable` values. ([#7345](https://github.com/cert-manager/cert-manager/pull/7345), [`@inteon`](https://github.com/inteon))

content/docs/variables.json

@@ -1,3 +1,3 @@
 {
-  "cert_manager_latest_version": "v1.16.2"
+  "cert_manager_latest_version": "v1.16.3"
 }