From f8edf16b28883647e119105429373cef8d726a82 Mon Sep 17 00:00:00 2001
From: Krzysztof Opasiak <k.opasiak@samsung.com>
Date: Wed, 5 Jun 2019 23:57:13 +0200
Subject: Document OJSI-137 vulnerability

Issue-ID: OJSI-137
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I2b27d485e98d5e58f737fe19d4c4d95433dbea28
---
 docs/sections/release-notes.rst | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/docs/sections/release-notes.rst b/docs/sections/release-notes.rst
index 8e9b99a..10062de 100644
--- a/docs/sections/release-notes.rst
+++ b/docs/sections/release-notes.rst
@@ -58,6 +58,8 @@ These are all issues with fix version: Dublin Release and status: open, in-progr
 
 *Known Security Issues*
 
+    * [`OJSI-137 <https://jira.onap.org/browse/OJSI-137>`_] In default deployment OPTFRA (oof-has-api) exposes HTTP port 30275 outside of cluster.
+
 *Known Vulnerabilities in Used Modules*
 
 OPTFRA code has been formally scanned during build time using NexusIQ and no Critical vulnerability was found. `project <https://wiki.onap.org/pages/viewpage.action?pageId=64005463>`_.
-- 
cgit 1.2.3-korg