diff options
-rw-r--r-- | docs/release-notes.rst | 62 |
1 files changed, 61 insertions, 1 deletions
diff --git a/docs/release-notes.rst b/docs/release-notes.rst index 93b0b717..c6ef571d 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -3,6 +3,66 @@ Release Notes ############# +Version 0.5.1 +************* +:Release Date: 2019-08-19 + +El Alto Early Drop release + +**New Features** + +There are no new features in the El Alto early drop release. The focus of this release is on bug +fixes, with a particular emphasis on security fixes. + +**Bug Fixes** +The full list of bug fixes in the El Alto early drop may be found at <https://jira.onap.org/issues/?filter=12018> + +The following table summarizes some of the most significant issues addressed: + ++--------------+----------------------------------------------------+ +| Jira # | Abstract | ++==============+====================================================+ +| [CCSDK-1445] | loading jdbc driver Exception in ccsdk | ++--------------+----------------------------------------------------+ +| [CCSDK-1443] | cds blueprint processor does not start | ++--------------+----------------------------------------------------+ +| [CCSDK-1240] | CVE-20190-3795 : spring-data-core vulnerability | ++--------------+----------------------------------------------------+ +| [CCSDK-1239] | CVE-2019-3797 : spring-data vulnerability | ++--------------+----------------------------------------------------+ +| [CCSDK-1238] | Multiple CVEs - commons-compress | ++--------------+----------------------------------------------------+ +| [CCSDK-1117] | Remove runtime internet dependency for dgbuilder | ++--------------+----------------------------------------------------+ +| [CCSDK-991] | Upgrade to spring-core 2.8.6 or higher | ++--------------+----------------------------------------------------+ +| [CCSDK-988] | Multiple CVEs - spring-expression < 4.3.17.RELEASE | ++--------------+----------------------------------------------------+ +| [CCSDK-441] | Spring 3 vulnerability CVE-2018-1270 | ++--------------+----------------------------------------------------+ +**Known Issues** + +The full list of known issues in CCSDK may be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=11341> + +**Security Notes** + +*Fixed Security Issues* + +*Known Security Issues* + + * In default deployment CCSDK (netbox-nginx) exposes HTTP port 30420 outside of cluster. [`OJSI-160 <https://jira.onap.org/browse/OJSI-160>`_] + * In default deployment CCSDK (cds-ui) exposes HTTP port 30497 outside of cluster. [`OJSI-196 <https://jira.onap.org/browse/OJSI-196>`_] + * In default deployment CCSDK (cds-blueprints-processor-http) exposes HTTP port 30499 outside of cluster. [`OJSI-197 <https://jira.onap.org/browse/OJSI-197>`_] + +*Known Vulnerabilities in Used Modules* + +Quick Links: + - `CCSDK project page <https://wiki.onap.org/display/DW/Common+Controller+SDK+Project>`_ + + - `Passing Badge information for CCSDK <https://bestpractices.coreinfrastructure.org/en/projects/1630>`_ + + - `Project Vulnerability Review Table for CCSDK <https://wiki.onap.org/pages/viewpage.action?pageId=51282469>`_ + Version 0.4.4/0.4.5 ******************* :Release Date: 2019-06-13 @@ -12,7 +72,7 @@ Note: The Dublin version for most CCSDK repositories is 0.4.4, except for CDS wh **New Features** -The full list of Dublin epics and user stories for CCSDK maybe be found at <https://jira.onap.org/issues/?filter=11802>. +The full list of Dublin epics and user stories for CCSDK may be found at <https://jira.onap.org/issues/?filter=11802>. The following list summarizes some of the most significant epics: |