From 79bef7f1ca027a1aad11ebdbf8975a216d817b97 Mon Sep 17 00:00:00 2001
From: Krzysztof Opasiak <k.opasiak@samsung.com>
Date: Sat, 5 Oct 2019 23:19:42 +0200
Subject: Use OJSI identifier to document fixed vulnerability

It's better to stick to the convention that OJSI ticket should be
mentioned in Fixed Security Issues section to ensure full traceability.

Issue-ID: OJSI-137
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I3549e3853b5acd69df00500106ca35dc4002fe10
---
 docs/sections/release-notes.rst | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/docs/sections/release-notes.rst b/docs/sections/release-notes.rst
index 932b6df..b4b1fba 100644
--- a/docs/sections/release-notes.rst
+++ b/docs/sections/release-notes.rst
@@ -43,7 +43,8 @@ The El Alto release for OOF fixed the following Bugs.
 
 *Fixed Security Issues*
 
-    * [OPTFRA-521] oof-has-api exposes plain text HTTP endpoint using port 30275
+    * [`OJSI-137 <https://jira.onap.org/browse/OJSI-137>`_] In default deployment OPTFRA (oof-has-api) exposes HTTP port 30275 outside of cluster.
+      This issue has been also described in "[OPTFRA-521] oof-has-api exposes plain text HTTP endpoint using port 30275"
 
 *Known Security Issues*
 
-- 
cgit 1.2.3-korg