From 5964ad370ab6cec361ce63883b5f1db067d29151 Mon Sep 17 00:00:00 2001 From: Krzysztof Opasiak Date: Wed, 5 Jun 2019 01:34:35 +0200 Subject: Improve security release notes In order to provide users with more details of project's state in terms of security let's divide the security release notes into three sections: - Fixed Security Issues Contains a list of security fixes merged during this release (especially those reported via OJSI tickets). - Known Security Issues Contains a list of vulnerabilities detected in project during release which have not been fixed yet and thus should be mitigated by the user. - Known Vulnerabilities in Used Modules Contains information about NexusIQ scan results Issue-ID: SECCOM-238 Signed-off-by: Krzysztof Opasiak Change-Id: I12263a650c5571ba04c0a1f5ae43c16c5fb2e749 --- docs/release-notes.rst | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'docs') diff --git a/docs/release-notes.rst b/docs/release-notes.rst index c701eeb5..334daaa7 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -47,6 +47,13 @@ Known Issues N/A Security Issues + +*Fixed Security Issues* + +*Known Security Issues* + +*Known Vulnerabilities in Used Modules* + DMAAP code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The DMAAP open Critical security vulnerabilities and their risk assessment have been documented as part of the `project `_. -- cgit 1.2.3-korg From 398d0fe04789e3a108b0601c972022e1270bade6 Mon Sep 17 00:00:00 2001 From: Krzysztof Opasiak Date: Wed, 5 Jun 2019 01:38:31 +0200 Subject: Document OJSI-158 vulnerability Issue-ID: OJSI-158 Signed-off-by: Krzysztof Opasiak Change-Id: Id40d25d3f7cc6abfc0d2a7e3654a5fd813ad797c --- docs/release-notes.rst | 2 ++ 1 file changed, 2 insertions(+) (limited to 'docs') 
diff --git a/docs/release-notes.rst b/docs/release-notes.rst index 334daaa7..4f2ddb6f 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -52,6 +52,8 @@ Security Issues *Known Security Issues* +- In default deployment DMAAP (dmaap-dr-prov) exposes HTTP port 30259 outside of cluster. [`OJSI-158 `_] + *Known Vulnerabilities in Used Modules* DMAAP code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been -- cgit 1.2.3-korg
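Review bot: In the first commit's hunk (release-notes.rst, @@ -47,6 +47,13), the new "*Fixed Security Issues*" and "*Known Security Issues*" headings are added with nothing under them, so the rendered release notes will show two empty sections and a reader cannot tell "none" from "not filled in". The surrounding context already uses "N/A" under "Known Issues"; put the same placeholder under each empty heading until real entries land. It is also worth checking that the existing NexusIQ paragraph, which now sits under "*Known Vulnerabilities in Used Modules*", still reads correctly there, since it was written as the whole Security section rather than as one of three subsections.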
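Review bot: In the second commit's hunk (release-notes.rst, @@ -52,6 +52,8), the OJSI-158 entry under "*Known Security Issues*" states the exposure but gives no mitigation, although the first commit's message defines this section as issues that "should be mitigated by the user". Add a sentence saying what the operator is expected to do about port 30259 in a default deployment, and say briefly why it matters that the port is plain HTTP, so the entry is actionable without opening the ticket. Minor wording: "In default deployment" reads better as "In the default deployment", and "outside of cluster" as "outside of the cluster".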