diff options
author | Krzysztof Opasiak <k.opasiak@samsung.com> | 2019-05-29 23:20:03 +0200 |
---|---|---|
committer | Krzysztof Opasiak <k.opasiak@samsung.com> | 2019-06-01 00:47:33 +0200 |
commit | e32e75789b3dfc5bb8e5d699d104ea02825b3cf6 (patch) | |
tree | 4acc2ebeea019d31828ae926bb9fa28a4975a5ba | |
parent | 8b43b97d445e46588390e119bab4fded203a3ee2 (diff) |
Improve security section of release notes
In order to provide users with more details on project's state in
terms of security let's divide the security release notes into three
sections:
- Fixed Security Issues
Contains a list of security fixes merged during this
release (especially those reported via OJSI tickets).
- Known Security Issues
Contains a list of vulnerabilities detected in project during
release which have not been fixed yet and thus should be mitigated
by the user.
- Known Vulnerabilities in Used Modules
Contains information about NexusIQ scan results
Issue-ID: SECCOM-238
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I8bbac2b7e7126369e30da218b69cdc3744d3c0c5
-rw-r--r-- | docs/templates/sections/release-notes.rst | 38 |
1 files changed, 24 insertions, 14 deletions
diff --git a/docs/templates/sections/release-notes.rst b/docs/templates/sections/release-notes.rst index 9b6688c36..df6176029 100644 --- a/docs/templates/sections/release-notes.rst +++ b/docs/templates/sections/release-notes.rst @@ -6,11 +6,11 @@ Release Notes ============= .. note:: - * This Release Notes must be updated each time the team decides to Release new artifacts. - * The scope of this Release Notes is for this particular component. In other words, each ONAP component has its Release Notes. - * This Release Notes is cumulative, the most recently Released artifact is made visible in the top of this Release Notes. - * Except the date and the version number, all the other sections are optional but there must be at least one section describing the purpose of this new release. - * This note must be removed after content has been added. + * This Release Notes must be updated each time the team decides to Release new artifacts. + * The scope of this Release Notes is for this particular component. In other words, each ONAP component has its Release Notes. + * This Release Notes is cumulative, the most recently Released artifact is made visible in the top of this Release Notes. + * Except the date and the version number, all the other sections are optional but there must be at least one section describing the purpose of this new release. + * This note must be removed after content has been added. Version: x.y.z @@ -26,18 +26,28 @@ Version: x.y.z One or two sentences explaining the purpose of this Release. **Bug Fixes** - - `CIMAN-65 <https://jira.onap.org/browse/CIMAN-65>`_ and a sentence explaining what this defect is addressing. + - `CIMAN-65 <https://jira.onap.org/browse/CIMAN-65>`_ and a sentence explaining what this defect is addressing. **Known Issues** - - `CIMAN-65 <https://jira.onap.org/browse/CIMAN-65>`_ and two, three sentences. - One sentences explaining what is the issue. - - Another sentence explaining the impact of the issue. - - And an optional sentence providing a workaround. + - `CIMAN-65 <https://jira.onap.org/browse/CIMAN-65>`_ and two, three sentences. + One sentences explaining what is the issue. -**Security Issues** - You may want to include a reference to CVE (Common Vulnerabilities and Exposures) `CVE <https://cve.mitre.org>`_ + Another sentence explaining the impact of the issue. + And an optional sentence providing a workaround. + +**Security Notes** + +*Fixed Security Issues* + + List of security issues fixed in this release including CVEs and OJSI tickets. + +*Known Security Issues* + + List of new security issues that are left unfixed in this release including CVEs and OJSI tickets. + +*Known Vulnerabilities in Used Modules* + + Results of know vulnerabilities analysis in used modules. **Upgrade Notes** |