From e4849d9e08f994766856d16160ffbd011dd1b109 Mon Sep 17 00:00:00 2001 From: Krzysztof Opasiak Date: Thu, 6 Jun 2019 00:00:46 +0200 Subject: Document OJSI-122 vulnerability Issue-ID: OJSI-122 Signed-off-by: Krzysztof Opasiak Change-Id: I41342d29427ab1d8d7de345bad79454f4dd74bf3 --- docs/sections/release-notes.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/docs/sections/release-notes.rst b/docs/sections/release-notes.rst index 22c6b4b..4c4bd9c 100644 --- a/docs/sections/release-notes.rst +++ b/docs/sections/release-notes.rst @@ -46,6 +46,8 @@ The Dublin release for OOF delivered the following Epics. *Known Security Issues* + * [`OJSI-122 `_] In default deployment OPTFRA (oof-osdf) exposes HTTP port 30248 outside of cluster. + *Known Vulnerabilities in Used Modules* OPTFRA osdf code has been formally scanned during build time using NexusIQ and no Critical vulnerability was found. -- cgit 1.2.3-korg