summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKrzysztof Opasiak <k.opasiak@samsung.com>2019-06-06 02:26:50 +0200
committerBin Yang <bin.yang@windriver.com>2019-06-11 03:20:27 +0000
commit96bb41e64271accc719a49736bb9a2c89c49f25b (patch)
treec21ceb8b72fe04ced04c7309bd6de3f90f76c0a1
parent9f8a873ccdf1ab1a8373d3456a99d7826103256a (diff)
Document OJSI-149 vulnerability
Issue-ID: OJSI-149 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Icdae6c291330acb2ec0c795cfa1df38cc703a062
-rw-r--r--docs/Release Notes.rst35
1 files changed, 34 insertions, 1 deletions
diff --git a/docs/Release Notes.rst b/docs/Release Notes.rst
index a2ff431..323053d 100644
--- a/docs/Release Notes.rst
+++ b/docs/Release Notes.rst
@@ -273,6 +273,33 @@ Version: 4.0.0 (Dublin Release)
**Security Notes**
+*Fixed Security Issues*
+
+- `OJSI-130 <https://jira.onap.org/browse/OJSI-130>`_
+ In default deployment MULTICLOUD (multicloud-azure) exposes HTTP port 30261 outside of cluster.
+
+- `OJSI-148 <https://jira.onap.org/browse/OJSI-148>`_
+ In default deployment MULTICLOUD (multicloud) exposes HTTP port 30291 outside of cluster.
+
+- `OJSI-150 <https://jira.onap.org/browse/OJSI-150>`_
+ In default deployment MULTICLOUD (multicloud-ocata) exposes HTTP port 30293 outside of cluster.
+
+- `OJSI-151 <https://jira.onap.org/browse/OJSI-151>`_
+ In default deployment MULTICLOUD (multicloud-windriver) exposes HTTP port 30294 outside of cluster.
+
+- `OJSI-153 <https://jira.onap.org/browse/OJSI-153>`_
+ In default deployment MULTICLOUD (multicloud-pike) exposes HTTP port 30296 outside of cluster.
+
+- `OJSI-149 <https://jira.onap.org/browse/OJSI-149>`_
+ In default deployment MULTICLOUD (multicloud-vio) exposes HTTP port 30292 outside of cluster.
+
+
+*Known Security Issues*
+
+
+*Known Vulnerabilities in Used Modules*
+
+
MULTICLOUD code has been formally scanned during build time using NexusIQ and
all Critical vulnerabilities have been addressed, items that remain open have
been assessed for risk and determined to be false positive.
@@ -389,6 +416,9 @@ None
*Fixed Security Issues*
+
+*Known Security Issues*
+
- `OJSI-130 <https://jira.onap.org/browse/OJSI-130>`_
In default deployment MULTICLOUD (multicloud-azure) exposes HTTP port 30261 outside of cluster.
@@ -404,10 +434,13 @@ None
- `OJSI-153 <https://jira.onap.org/browse/OJSI-153>`_
In default deployment MULTICLOUD (multicloud-pike) exposes HTTP port 30296 outside of cluster.
-*Known Security Issues*
+- `OJSI-149 <https://jira.onap.org/browse/OJSI-149>`_
+ In default deployment MULTICLOUD (multicloud-vio) exposes HTTP port 30292 outside of cluster.
+
*Known Vulnerabilities in Used Modules*
+
MULTICLOUD code has been formally scanned during build time using NexusIQ and
all Critical vulnerabilities have been addressed, items that remain open have
been assessed for risk and determined to be false positive.