diff options
author | Krzysztof Opasiak <k.opasiak@samsung.com> | 2019-05-27 18:06:32 +0200 |
---|---|---|
committer | Krzysztof Opasiak <k.opasiak@samsung.com> | 2019-05-30 17:47:03 +0200 |
commit | d9e8b34a0f2bda167671fe19db20feee5410fceb (patch) | |
tree | f106016f9df911512645b5c833585d0870dffee2 | |
parent | d20ca31bb588ac665566df777363973257218819 (diff) |
Document OJSI-109 vulnerability
Issue-ID: OJSI-109
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ibaef5bcfcf201c451395aa10e9d14ba1d5ba6b43
-rw-r--r-- | docs/sections/release-notes.rst | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/docs/sections/release-notes.rst b/docs/sections/release-notes.rst index e43b1c50..d689ca2e 100644 --- a/docs/sections/release-notes.rst +++ b/docs/sections/release-notes.rst @@ -105,6 +105,8 @@ Source code of DCAE components are released under the following repositories on *Known Security Issues* + * In default deployment DCAEGEN2 (xdcae-datafile-collector) exposes HTTP port 30223 outside of cluster. [`OJSI-109 <https://jira.onap.org/browse/OJSI-109>`_] + *Known Vulnerabilities in Used Modules* DCAE code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The DCAE open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=51282478>`_. |