aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKrzysztof Opasiak <k.opasiak@samsung.com>2019-06-05 23:32:21 +0200
committerKrzysztof Opasiak <k.opasiak@samsung.com>2019-06-05 23:32:21 +0200
commite21015630eb54bc5fba3d147962ac1d92a1ac1c8 (patch)
tree24ffe360505f12d903fec8fa1ee0fd5a3f8601cc
parent9efc5e6ea56013249cb7d9746fa0b21916e79549 (diff)
Document OJSI-112 vulnerability
Issue-ID: OJSI-112 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Id28f332ddcdd5c69f5a82758d05c10d19606faff
-rw-r--r--docs/release-notes.rst1
1 files changed, 1 insertions, 0 deletions
diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index 4123ff95c..5ca3186c0 100644
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -119,6 +119,7 @@ The Dublin release added the following functionality:
- `OJSI-29 <https://jira.onap.org/browse/OJSI-29>`_ - Unsecured Swagger UI Interface in AAPC
- CVE-2019-12124 `OJSI-63 <https://jira.onap.org/browse/OJSI-63>`_ - APPC exposes Jolokia Interface which allows to read and overwrite any arbitrary file
- `OJSI-95 <https://jira.onap.org/browse/OJSI-95>`_ - appc-cdt allows to impersonate any user by setting USER_ID
+ - `OJSI-112 <https://jira.onap.org/browse/OJSI-112>`_ - In default deployment APPC (appc-dgbuilder) exposes HTTP port 30228 outside of cluster.
*Known Vulnerabilities in Used Modules*