aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPrudence Au <prudence.au@amdocs.com>2019-10-17 13:15:52 -0400
committerPrudence Au <prudence.au@amdocs.com>2019-10-17 13:44:56 -0400
commit4120ac4ad819c3ec81f597b27c1561be5a4e673b (patch)
tree4ccb40bb43671ef852eb5bcde6a3b7c06d5e5c0a
parent37bb672d41108279ba6994dc2df5f70e657b1a77 (diff)
Port release notes changes to elalto5.0.2-ONAPelalto
Issue-ID: LOG-1135 Signed-off-by: Prudence Au <prudence.au@amdocs.com> Change-Id: I44ece595d252808a841404c6f57cce4bccb01ec1
-rw-r--r--docs/release-notes.rst32
1 files changed, 23 insertions, 9 deletions
diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index 21e17ba..6088593 100644
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -11,9 +11,9 @@ Version: 5.0.1 El Alto Release
------------------------------
El Alto
-------
- - logging-analytics Version: 1.5.0
+ - logging-analytics Version: 1.5.1
-:Release Date: 2019-10-01
+:Release Date: 2019-10-04
**New Features**
None
@@ -25,11 +25,16 @@ El Alto
- `LOG-874 <https://jira.onap.org/browse/LOG-874>`_ Vulnerability issue: fix/address/red-flag License org.json:json-20140107.jar
**Known Issues**
+ - `LOG-1159 <https://jira.onap.org/browse/LOG-1159>`_ Vulnerability issue: logging-analytics version 5.0.9.RELEASE
-**Security Notes**
-
- - LOG code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/display/DW/El+Alto+Vulnerabilities>`_.
+**Known Security Issues**
+ - `OJSI-200 <https://jira.onap.org/browse/OJSI-200>`_ Logging exposes unprotected APIs/UIs (CVE-2019-12125)
+ - `OJSI-155 <https://jira.onap.org/browse/OJSI-155>`_ LOG demo target exposes plain text HTTP endpoint using port 30398
+ - `OJSI-125 <https://jira.onap.org/browse/OJSI-125>`_ log-es exposes plain text HTTP endpoint using port 30254
+ - `OJSI-124 <https://jira.onap.org/browse/OJSI-124>`_ log-kibana exposes plain text HTTP endpoint using port 30253
+ - `LOG-1114 <https://jira.onap.org/browse/LOG-1114>`_ Need for "ReadWriteMany" access on storage when deploying on Kubernetes?
+
Quick Links:
- `LOG project page <https://wiki.onap.org/display/DW/Logging+Enhancements+Project>`_
@@ -60,7 +65,7 @@ El Alto
- pomba-sdc-context-builder Version: 1.5.1
- pomba-sdnc-context-builder Version: 1.5.1
-:Release Date: 2019-10-01
+:Release Date: 2019-10-04
**New Features**
- None
@@ -86,9 +91,18 @@ El Alto
- `LOG-827 <https://jira.onap.org/browse/LOG-827>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER handlebars 2.0.0
- `LOG-1118 <https://jira.onap.org/browse/LOG-1118>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER and POMBA-NETWORK-DISCOVERY-CONTEXT-BUILDER js-yaml
- `LOG-1117 <https://jira.onap.org/browse/LOG-1117>`_ Vulnerability issue: POMBA-SDNC-CONTEXT-BUILDER and POMBA-NETWORK-DISCOVERY-CONTEXT-BUILDER uikit
-
-**Security Notes**
- - all nodeports for Kibana, context builders and data-router are open by default for now
+ - `LOG-1160 <https://jira.onap.org/browse/LOG-1160>`_ Vulnerability issue: jackson-databind 2.9.9
+ - `LOG-1016 <https://jira.onap.org/browse/LOG-1016>`_ When comparing attributes from multiple sources, violations thrown do not accurately show the issue.
+ - `LOG-1017 <https://jira.onap.org/browse/LOG-1017>`_ Violations are thrown on attributes that are same (or missing)
+ - `LOG-1051 <https://jira.onap.org/browse/LOG-1051>`_ pomba-data-router do not start due to wrong AAi configuration (with Dublin release of the data router but works with the Casablanca version)
+ - `LOG-1084 <https://jira.onap.org/browse/LOG-1084>`_ Need authentication for pomba-kibana (node port = 30234)
+ - `LOG-1085 <https://jira.onap.org/browse/LOG-1085>`_ Need authentication for logging-elasticsearch (node port = 30254)
+ - `LOG-1086 <https://jira.onap.org/browse/LOG-1086>`_ Need authentication for logging-kibana (node port = 30253)
+ - `LOG-1114 <https://jira.onap.org/browse/LOG-1114>`_ Need for "ReadWriteMany" access on storage when deploying on Kubernetes?
+
+**Known Security Issues**
+ - `OJSI-123 <https://jira.onap.org/browse/OJSI-123>`_ pomba-data-router exposes plain text HTTP endpoint using port 30249
+ - `OJSI-115 <https://jira.onap.org/browse/OJSI-115>`_ pomba-kibana exposes plain text HTTP endpoint using port 30234
POMBA code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The LOG open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/display/DW/El+Alto+Vulnerabilities>`_.