Merge "Document OJSI-202 (CVE-2019-12127) vulnerability"

author: Sylvain Desbureaux <sylvain.desbureaux@orange.com> 2019-07-04 11:15:47 +0000
committer: Gerrit Code Review <gerrit@onap.org> 2019-07-04 11:15:47 +0000
commit: 25f7bae5721a1033707a987fe9d065444a733f7d (patch)
tree: 944c248922886e20ade048250cb0cb7e4e1d8233
parent: 7cad1c69abd3c1dbd8665a4d2a5d43a6901ad8c0 (diff)
parent: c887b4744c9105b66f5d9bbea77f455ccd99867a (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index 37d8b3f50a..dc10400dfb 100644
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -55,6 +55,7 @@ Summary
 
 * In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 <https://jira.onap.org/browse/OJSI-134>`_]
 * Hard coded password used for all oom deployments [`OJSI-188 <https://jira.onap.org/browse/OJSI-188>`_]
+* CVE-2019-12127 - OOM exposes unprotected API/UI on port 30270 [`OJSI-202 <https://jira.onap.org/browse/OJSI-202>`_]
 
 *Known Vulnerabilities in Used Modules*
author	Sylvain Desbureaux <sylvain.desbureaux@orange.com>	2019-07-04 11:15:47 +0000
committer	Gerrit Code Review <gerrit@onap.org>	2019-07-04 11:15:47 +0000
commit	25f7bae5721a1033707a987fe9d065444a733f7d (patch)
tree	944c248922886e20ade048250cb0cb7e4e1d8233
parent	7cad1c69abd3c1dbd8665a4d2a5d43a6901ad8c0 (diff)
parent	c887b4744c9105b66f5d9bbea77f455ccd99867a (diff)