summaryrefslogtreecommitdiffstats
path: root/docs/release-notes.rst
diff options
context:
space:
mode:
authorFiachra Corcoran <fiachra.corcoran@est.tech>2019-07-23 15:00:28 +0000
committerGerrit Code Review <gerrit@onap.org>2019-07-23 15:00:28 +0000
commitd6302cb0b3db8043598e8b6bc3dc5ed436f848cb (patch)
tree823ecb3cd1b85b6191b13c4c4416473248dfd7f1 /docs/release-notes.rst
parent534c164c124950a2019acf71d253ac96be12c78c (diff)
parent398d0fe04789e3a108b0601c972022e1270bade6 (diff)
Merge changes Id40d25d3,I12263a65
* changes: Document OJSI-158 vulnerability Improve security release notes
Diffstat (limited to 'docs/release-notes.rst')
-rw-r--r--docs/release-notes.rst9
1 files changed, 9 insertions, 0 deletions
diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index 397d64e9..88bd2961 100644
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -47,6 +47,15 @@ Known Issues
N/A
Security Issues
+
+*Fixed Security Issues*
+
+*Known Security Issues*
+
+- In default deployment DMAAP (dmaap-dr-prov) exposes HTTP port 30259 outside of cluster. [`OJSI-158 <https://jira.onap.org/browse/OJSI-158>`_]
+
+*Known Vulnerabilities in Used Modules*
+
DMAAP code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been
addressed, items that remain open have been assessed for risk and determined to be false positive. The DMAAP open
Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=42598688>`_.