summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVijay VK <vv770d@att.com>2019-05-31 01:48:52 +0100
committerVENKATESH KUMAR <vv770d@att.com>2019-05-30 20:49:20 -0400
commitcd55fc2ecf6d42e78821ee381a983e0e48c680b4 (patch)
tree34e35ee7737842bfa5afd4ab4dacb94da3587f62
parent53374d5987a2d77e18481963803b6e57761f36b0 (diff)
OJSI updates for Dublin branch
Change-Id: I4f2ff56c473f7c08e801ac8271a6b2b01dd4571c Signed-off-by: VENKATESH KUMAR <vv770d@att.com> Issue-ID: OJSI-201 Issue-ID: OJSI-195 Issue-ID: OJSI-187 Issue-ID: OJSI-30 Issue-ID: OJSI-28 Issue-ID: OJSI-161 Issue-ID: OJSI-159 Issue-ID: OJSI-131 Issue-ID: OJSI-116 Issue-ID: OJSI-109
Diffstat
-rw-r--r--docs/sections/release-notes.rst11
1 files changed, 11 insertions, 0 deletions
diff --git a/docs/sections/release-notes.rst b/docs/sections/release-notes.rst
index e43b1c50..f073d0d8 100644
--- a/docs/sections/release-notes.rst
+++ b/docs/sections/release-notes.rst
@@ -105,6 +105,17 @@ Source code of DCAE components are released under the following repositories on
*Known Security Issues*
+ * Unsecured Swagger UI Interface in xdcae-datafile-collector. [`OJSI-28 <https://jira.onap.org/browse/OJSI-28>`_]
+ * Unsecured Swagger UI Interface in xdcae-ves-collector. [`OJSI-30 <https://jira.onap.org/browse/OJSI-30>`_]
+ * In default deployment DCAEGEN2 (xdcae-datafile-collector) exposes HTTP port 30223 outside of cluster. [`OJSI-109 <https://jira.onap.org/browse/OJSI-109>`_]
+ * In default deployment DCAEGEN2 (xdcae-ves-collector) exposes HTTP port 30235 outside of cluster. [`OJSI-116 <https://jira.onap.org/browse/OJSI-116>`_]
+ * In default deployment DCAEGEN2 (dcae-datafile-collector) exposes HTTP port 30262 outside of cluster. [`OJSI-131 <https://jira.onap.org/browse/OJSI-131>`_]
+ * In default deployment DCAEGEN2 (xdcae-dashboard) exposes HTTP port 30418 outside of cluster. [`OJSI-159 <https://jira.onap.org/browse/OJSI-159>`_]
+ * In default deployment DCAEGEN2 (xdcae-tca-analytics) exposes HTTP port 32010 outside of cluster. [`OJSI-161 <https://jira.onap.org/browse/OJSI-161>`_]
+ * In default deployment DCAEGEN2 (dcae-redis) exposes redis port 30286 outside of cluster. [`OJSI-187 <https://jira.onap.org/browse/OJSI-187>`_]
+ * In default deployment DCAEGEN2 (config-binding-service) exposes HTTP port 30415 outside of cluster. [`OJSI-195 <https://jira.onap.org/browse/OJSI-195>`_]
+ * CVE-2019-12126 - DCAE TCA exposes unprotected APIs/UIs on port 32010. [`OJSI-201 <https://jira.onap.org/browse/OJSI-201>`_]
+
*Known Vulnerabilities in Used Modules*
DCAE code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The DCAE open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=51282478>`_.