summaryrefslogtreecommitdiffstats
path: root/docs/release-notes.rst
diff options
context:
space:
mode:
authorKrzysztof Opasiak <k.opasiak@samsung.com>2019-06-05 01:34:35 +0200
committerKrzysztof Opasiak <k.opasiak@samsung.com>2019-06-05 01:34:35 +0200
commit5964ad370ab6cec361ce63883b5f1db067d29151 (patch)
tree4a6cc2db41fe48c2af596a1c5511150a2144dc94 /docs/release-notes.rst
parentbb01feceff0527c8f63ad513d85975e5c4e2e52f (diff)
Improve security release notes
In order to provide users with more details of project's state in terms of security let's divide the security release notes into three sections: - Fixed Security Issues Contains a list of security fixes merged during this release (especially those reported via OJSI tickets). - Known Security Issues Contains a list of vulnerabilities detected in project during release which have not been fixed yet and thus should be mitigated by the user. - Known Vulnerabilities in Used Modules Contains information about NexusIQ scan results Issue-ID: SECCOM-238 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I12263a650c5571ba04c0a1f5ae43c16c5fb2e749
Diffstat (limited to 'docs/release-notes.rst')
-rw-r--r--docs/release-notes.rst7
1 files changed, 7 insertions, 0 deletions
diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index c701eeb5..334daaa7 100644
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -47,6 +47,13 @@ Known Issues
N/A
Security Issues
+
+*Fixed Security Issues*
+
+*Known Security Issues*
+
+*Known Vulnerabilities in Used Modules*
+
DMAAP code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been
addressed, items that remain open have been assessed for risk and determined to be false positive. The DMAAP open
Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=42598688>`_.