diff options
| author |   Fiachra Corcoran <fiachra.corcoran@est.tech> | 2019-07-23 15:00:28 +0000 |
|---|---|---|
| committer |   Gerrit Code Review <gerrit@onap.org> | 2019-07-23 15:00:28 +0000 |
| commit | d6302cb0b3db8043598e8b6bc3dc5ed436f848cb (patch) | |
| tree | 823ecb3cd1b85b6191b13c4c4416473248dfd7f1 | |
| parent | 534c164c124950a2019acf71d253ac96be12c78c (diff) | |
| parent | 398d0fe04789e3a108b0601c972022e1270bade6 (diff) | |
Merge changes Id40d25d3,I12263a65
* changes:
Document OJSI-158 vulnerability
Improve security release notes
| -rw-r--r-- | docs/release-notes.rst | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/docs/release-notes.rst b/docs/release-notes.rst index 397d64e9..88bd2961 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -47,6 +47,15 @@ Known Issues N/A Security Issues + +*Fixed Security Issues* + +*Known Security Issues* + +- In default deployment DMAAP (dmaap-dr-prov) exposes HTTP port 30259 outside of cluster. [`OJSI-158 <https://jira.onap.org/browse/OJSI-158>`_] + +*Known Vulnerabilities in Used Modules* + DMAAP code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The DMAAP open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=42598688>`_. |