From f47d74eb87be6fc0396e24df1d44ba6ce0e63f2c Mon Sep 17 00:00:00 2001
From: Abhishek Sahu <abhishek.sahu@hashicorp.com>
Date: Thu, 13 Feb 2025 14:39:49 +0530
Subject: [PATCH] Stage 1.20.3 (#22154)

Added changelog and version for releasing 1.20.3
---
 CHANGELOG.md    | 21 +++++++++++++++++++++
 version/VERSION |  2 +-
 2 files changed, 22 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index fa3e4a17f3e6..894a458aa23d 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,3 +1,24 @@
+## 1.20.3 (February 13, 2025)
+
+SECURITY:
+
+* Upgrade Go to use v1.22.11 and bump Go X-Repositories to latest. This addresses CVE 
+[CVE-2024-45341](https://nvd.nist.gov/vuln/detail/CVE-2024-45341) and
+[CVE-2024-45336](https://nvd.nist.gov/vuln/detail/CVE-2024-45336) [[GH-22084](https://github.com/hashicorp/consul/issues/22084)]
+* Upgrade Go to use v1.22.12 and bump Go X-Repositories to latest. This addresses CVE
+[CVE-2025-22866](https://nvd.nist.gov/vuln/detail/CVE-2025-22866) [[GH-22132](https://github.com/hashicorp/consul/issues/22132)]
+
+IMPROVEMENTS:
+
+* connect: update supported envoy versions to 1.33.0, 1.32.3 [[GH-22138](https://github.com/hashicorp/consul/issues/22138)]
+* metadata: memoize the parsed build versions [[GH-22113](https://github.com/hashicorp/consul/issues/22113)]
+
+BUG FIXES:
+
+* Fixed logging error while building for OpenBSD OS [[GH-22120](https://github.com/hashicorp/consul/pull/22120)] [[GH-22120](https://github.com/hashicorp/consul/issues/22120)]
+* api-gateway: Fixed TLS configuration to properly enforce listener TLS versions and cipher suites [[GH-21984](https://github.com/hashicorp/consul/issues/21984)]
+* aws-auth: Fix bug where calls to AWS IAM and STS services error out due to URL with multiple trailing slashes. [[GH-22109](https://github.com/hashicorp/consul/issues/22109)]
+
 ## 1.20.2 (December 26, 2024)
 SECURITY:
 * Removed ability to use bexpr to filter results without ACL read on endpoint [[GH-21950](https://github.com/hashicorp/consul/issues/21950)]
diff --git a/version/VERSION b/version/VERSION
index 03d6f0b2bc4f..f5b00dc262be 100644
--- a/version/VERSION
+++ b/version/VERSION
@@ -1 +1 @@
-1.20.3-dev
+1.20.3