summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKrzysztof Opasiak <k.opasiak@samsung.com>2019-05-29 23:20:03 +0200
committerKrzysztof Opasiak <k.opasiak@samsung.com>2019-06-01 00:47:33 +0200
commite32e75789b3dfc5bb8e5d699d104ea02825b3cf6 (patch)
tree4acc2ebeea019d31828ae926bb9fa28a4975a5ba
parent8b43b97d445e46588390e119bab4fded203a3ee2 (diff)
Improve security section of release notes
In order to provide users with more details on project's state in terms of security let's divide the security release notes into three sections: - Fixed Security Issues Contains a list of security fixes merged during this release (especially those reported via OJSI tickets). - Known Security Issues Contains a list of vulnerabilities detected in project during release which have not been fixed yet and thus should be mitigated by the user. - Known Vulnerabilities in Used Modules Contains information about NexusIQ scan results Issue-ID: SECCOM-238 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I8bbac2b7e7126369e30da218b69cdc3744d3c0c5
-rw-r--r--docs/templates/sections/release-notes.rst38
1 files changed, 24 insertions, 14 deletions
diff --git a/docs/templates/sections/release-notes.rst b/docs/templates/sections/release-notes.rst
index 9b6688c36..df6176029 100644
--- a/docs/templates/sections/release-notes.rst
+++ b/docs/templates/sections/release-notes.rst
@@ -6,11 +6,11 @@ Release Notes
=============
.. note::
- * This Release Notes must be updated each time the team decides to Release new artifacts.
- * The scope of this Release Notes is for this particular component. In other words, each ONAP component has its Release Notes.
- * This Release Notes is cumulative, the most recently Released artifact is made visible in the top of this Release Notes.
- * Except the date and the version number, all the other sections are optional but there must be at least one section describing the purpose of this new release.
- * This note must be removed after content has been added.
+ * This Release Notes must be updated each time the team decides to Release new artifacts.
+ * The scope of this Release Notes is for this particular component. In other words, each ONAP component has its Release Notes.
+ * This Release Notes is cumulative, the most recently Released artifact is made visible in the top of this Release Notes.
+ * Except the date and the version number, all the other sections are optional but there must be at least one section describing the purpose of this new release.
+ * This note must be removed after content has been added.
Version: x.y.z
@@ -26,18 +26,28 @@ Version: x.y.z
One or two sentences explaining the purpose of this Release.
**Bug Fixes**
- - `CIMAN-65 <https://jira.onap.org/browse/CIMAN-65>`_ and a sentence explaining what this defect is addressing.
+ - `CIMAN-65 <https://jira.onap.org/browse/CIMAN-65>`_ and a sentence explaining what this defect is addressing.
**Known Issues**
- - `CIMAN-65 <https://jira.onap.org/browse/CIMAN-65>`_ and two, three sentences.
- One sentences explaining what is the issue.
-
- Another sentence explaining the impact of the issue.
-
- And an optional sentence providing a workaround.
+ - `CIMAN-65 <https://jira.onap.org/browse/CIMAN-65>`_ and two, three sentences.
+ One sentences explaining what is the issue.
-**Security Issues**
- You may want to include a reference to CVE (Common Vulnerabilities and Exposures) `CVE <https://cve.mitre.org>`_
+ Another sentence explaining the impact of the issue.
+ And an optional sentence providing a workaround.
+
+**Security Notes**
+
+*Fixed Security Issues*
+
+ List of security issues fixed in this release including CVEs and OJSI tickets.
+
+*Known Security Issues*
+
+ List of new security issues that are left unfixed in this release including CVEs and OJSI tickets.
+
+*Known Vulnerabilities in Used Modules*
+
+ Results of know vulnerabilities analysis in used modules.
**Upgrade Notes**