summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKrzysztof Opasiak <k.opasiak@samsung.com>2019-05-27 18:06:32 +0200
committerKrzysztof Opasiak <k.opasiak@samsung.com>2019-05-30 17:47:03 +0200
commitd9e8b34a0f2bda167671fe19db20feee5410fceb (patch)
treef106016f9df911512645b5c833585d0870dffee2
parentd20ca31bb588ac665566df777363973257218819 (diff)
Document OJSI-109 vulnerability
Issue-ID: OJSI-109 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Ibaef5bcfcf201c451395aa10e9d14ba1d5ba6b43
-rw-r--r--docs/sections/release-notes.rst2
1 files changed, 2 insertions, 0 deletions
diff --git a/docs/sections/release-notes.rst b/docs/sections/release-notes.rst
index e43b1c50..d689ca2e 100644
--- a/docs/sections/release-notes.rst
+++ b/docs/sections/release-notes.rst
@@ -105,6 +105,8 @@ Source code of DCAE components are released under the following repositories on
*Known Security Issues*
+ * In default deployment DCAEGEN2 (xdcae-datafile-collector) exposes HTTP port 30223 outside of cluster. [`OJSI-109 <https://jira.onap.org/browse/OJSI-109>`_]
+
*Known Vulnerabilities in Used Modules*
DCAE code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The DCAE open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=51282478>`_.