From 637c5edbc093b1988c9990c60cb50a9a4e2dbcd2 Mon Sep 17 00:00:00 2001 From: wr148d Date: Wed, 16 Mar 2022 16:09:23 -0400 Subject: [AAI] Updated releast notes to talk about transitive dependency on aaf log4j Issue-ID: AAI-3454 Signed-off-by: wr148d Change-Id: I2dfad5f07372eff1f7e545910da6d39377ea4ffe --- docs/release-notes.rst | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/docs/release-notes.rst b/docs/release-notes.rst index ae56b81a..9aac854c 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -22,7 +22,13 @@ Version: 9.0.1 The R9 Istanbul maintenance release of ONAP A&AI addressed some security vulnerabilities mainly for the Log4J dependencies -- Updated the log4j libraries to 2.17.2 +- Updated the direct dependency log4j libraries to 2.17.2 +- Please note log4j is still on older versions in a transitive dependency for aaf auth for the following mS + * onap-aai-aai-common + * onap-aai-babel + * onap-aai-resources + * onap-aai-schema-service + * onap-aai-traversal Version: 9.0.0 -------------- -- cgit 1.2.3-korg