diff options
author | Gildas Lanilis <gildas.lanilis@huawei.com> | 2018-05-29 14:56:04 -0700 |
---|---|---|
committer | Randa Maher <rx196w@att.com> | 2018-05-31 02:22:48 +0000 |
commit | 92333221182069f9114d589ecbdd1399a1d3c8b8 (patch) | |
tree | 610335efca884390dfb89c5374ec134464d41776 /docs | |
parent | b168ed26ec4978ea474c03974e99dbb338477a8c (diff) |
Document Security section of the Release Notes
Update with latest wording
Change-Id: I50dc9d708a7d020a21c31742091a486f1433a349
Issue-ID: DOC-271
Signed-off-by: Gildas Lanilis <gildas.lanilis@huawei.com>
(cherry picked from commit 2948985766b4542d43f9f117bd2fc6cc4ca58a56)
Diffstat (limited to 'docs')
-rw-r--r-- | docs/release-notes.rst | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/docs/release-notes.rst b/docs/release-notes.rst index ba42b1b40..0129f14a0 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -128,13 +128,20 @@ The following issues remain open at the end of Beijing release. - `APPC-154 <https://jira.onap.org/browse/APPC-154>`_ - Logging issue - Request REST API of APPC has RequestID (MDC) in Body or Payload section instead of Header. -**Security Issues** +**Security Notes** + +APPC code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The APPC open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=25438971>`_. -The security issues that remain open at the end of Beijing release can be found in the attached report from Nexus IQ - :download:`appc-Build-20180518-NexusIQ Report.pdf` Copy of full Nexus IQ Report. - - Additionally, communication over DMaaP currently does not use secure topics in this release. This has dependency on DMaaP to enable. + +Quick Links: + - `APPC project page <https://wiki.onap.org/display/DW/Application+Controller+Project>`_ + + - `Passing Badge information for APPC <https://bestpractices.coreinfrastructure.org/en/projects/1579>`_ + + - `Project Vulnerability Review Table for APPC <https://wiki.onap.org/pages/viewpage.action?pageId=25438971>`_ + **Other** - Limitations, Constraints and other worthy notes |