summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--docs/index.rst2
-rw-r--r--osa/OSA-2019-002.rst2
-rw-r--r--osa/OSA-2019-010.rst2
-rw-r--r--osa/OSA-2019-011.rst2
-rw-r--r--osa/OSA-2019-012.rst2
-rw-r--r--osa/OSA-2019-013.rst2
-rw-r--r--osa/OSA-2019-014.rst2
-rw-r--r--osa/OSA-2019-015.rst4
-rw-r--r--osa/OSA-2019-018.rst4
-rw-r--r--osa/OSA-2019-021.rst2
-rw-r--r--osa/OSA-2019-022.rst4
-rw-r--r--osa/OSA-2019-023.rst4
12 files changed, 16 insertions, 16 deletions
diff --git a/docs/index.rst b/docs/index.rst
index 6510992..d9ac121 100644
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -24,7 +24,7 @@ To get more details about our vulnerability management process or learn about al
ONAP Security Advisories (OSA)
------------------------------
-You can find the complete list of published advisories here:
+You can find the up to date list of published advisories here:
.. toctree::
:maxdepth: 1
diff --git a/osa/OSA-2019-002.rst b/osa/OSA-2019-002.rst
index 6e47ff8..13a3d24 100644
--- a/osa/OSA-2019-002.rst
+++ b/osa/OSA-2019-002.rst
@@ -26,7 +26,7 @@ Jakub Botwicz from Samsung reported a vulnerability in ONAP APPC. By providing a
Patches
-------
-No patch for this vulnerability has been proposed yet.
+* `90244 <https://gerrit.onap.org/r/c/appc/+/90244>`_
Credits
-------
diff --git a/osa/OSA-2019-010.rst b/osa/OSA-2019-010.rst
index b3024b1..e0a1e69 100644
--- a/osa/OSA-2019-010.rst
+++ b/osa/OSA-2019-010.rst
@@ -26,7 +26,7 @@ Radosław Żeszczuk from Samsung reported vulnerability in SDC. By accessing por
Patches
-------
-No patch for this vulnerability has been proposed yet.
+* `94802 <https://gerrit.onap.org/r/#/c/oom/+/94802/>`_
Credits
-------
diff --git a/osa/OSA-2019-011.rst b/osa/OSA-2019-011.rst
index 25f130a..c89f81d 100644
--- a/osa/OSA-2019-011.rst
+++ b/osa/OSA-2019-011.rst
@@ -26,7 +26,7 @@ Radosław Żeszczuk from Samsung reported vulnerability in SDC. By accessing por
Patches
-------
-No patch for this vulnerability has been proposed yet.
+* `94808 <https://gerrit.onap.org/r/#/c/oom/+/94808/>`_
Credits
-------
diff --git a/osa/OSA-2019-012.rst b/osa/OSA-2019-012.rst
index 3d66a85..1618b77 100644
--- a/osa/OSA-2019-012.rst
+++ b/osa/OSA-2019-012.rst
@@ -26,7 +26,7 @@ Radosław Żeszczuk from Samsung reported vulnerability in SDC. By accessing por
Patches
-------
-No patch for this vulnerability has been proposed yet.
+* `94807 <https://gerrit.onap.org/r/#/c/oom/+/94807/>`_
Credits
-------
diff --git a/osa/OSA-2019-013.rst b/osa/OSA-2019-013.rst
index 6252158..2b36742 100644
--- a/osa/OSA-2019-013.rst
+++ b/osa/OSA-2019-013.rst
@@ -26,7 +26,7 @@ Radosław Żeszczuk from Samsung reported vulnerability in SDC. By accessing por
Patches
-------
-No patch for this vulnerability has been proposed yet.
+* `94801 <https://gerrit.onap.org/r/#/c/oom/+/94801/>`_
Credits
-------
diff --git a/osa/OSA-2019-014.rst b/osa/OSA-2019-014.rst
index dc291f4..5593fd6 100644
--- a/osa/OSA-2019-014.rst
+++ b/osa/OSA-2019-014.rst
@@ -26,7 +26,7 @@ Radosław Żeszczuk from Samsung reported vulnerability in SDC. By accessing por
Patches
-------
-No patch for this vulnerability has been proposed yet.
+* `94806 <https://gerrit.onap.org/r/#/c/oom/+/94806/>`_
Credits
-------
diff --git a/osa/OSA-2019-015.rst b/osa/OSA-2019-015.rst
index 0cca199..61ccd18 100644
--- a/osa/OSA-2019-015.rst
+++ b/osa/OSA-2019-015.rst
@@ -16,7 +16,7 @@ OSA-2019-016: VNFSDK exposes JDWP port on localhost which allows to gain root pr
Affects
-------
-* VNFSDK: Dublin and earlier
+* VNFSDK: El Alto and earlier
Description
-----------
@@ -26,7 +26,7 @@ Radosław Żeszczuk from Samsung reported vulnerability in VNFSDK. By accessing
Patches
-------
-No patch for this vulnerability has been proposed yet.
+* `104335 <https://gerrit.onap.org/r/#/c/vnfsdk/refrepo/+/104335/>`_
Credits
-------
diff --git a/osa/OSA-2019-018.rst b/osa/OSA-2019-018.rst
index 00ce804..aec158e 100644
--- a/osa/OSA-2019-018.rst
+++ b/osa/OSA-2019-018.rst
@@ -16,7 +16,7 @@ OSA-2019-018: SQL Injections in Portal
Affects
-------
-* Portal: Dublin and earlier
+* Portal: El Alto and earlier
Description
-----------
@@ -26,7 +26,7 @@ Jakub Botwicz and Łukasz Wrochna from Samsung reported a number of vulnerabilit
Patches
-------
-No patch for this vulnerability has been proposed yet (work in progress).
+Issue fixed with major ONAP Portal rework in Frankfurt.
Credits
-------
diff --git a/osa/OSA-2019-021.rst b/osa/OSA-2019-021.rst
index 8d15e14..f258413 100644
--- a/osa/OSA-2019-021.rst
+++ b/osa/OSA-2019-021.rst
@@ -26,7 +26,7 @@ akub Botwicz, Wojciech Rauner, Łukasz Wrochna and Radosław Żeszczuk from Sams
Patches
-------
-No patch for this vulnerability has been proposed yet.
+* `95524 <https://gerrit.onap.org/r/#/c/oom/+/95524/>`_
Credits
-------
diff --git a/osa/OSA-2019-022.rst b/osa/OSA-2019-022.rst
index 80871f2..7af3eda 100644
--- a/osa/OSA-2019-022.rst
+++ b/osa/OSA-2019-022.rst
@@ -16,7 +16,7 @@ OSA-2019-022: Unprotected APIs/UIs exposed in OOM project
Affects
-------
-* OOM: Dublin and earlier
+* OOM: El Alto and earlier
Description
-----------
@@ -26,7 +26,7 @@ Jakub Botwicz, Wojciech Rauner, Łukasz Wrochna and Radosław Żeszczuk from Sam
Patches
-------
-No patch for this vulnerability has been proposed yet.
+* `102737 <https://gerrit.onap.org/r/c/oom/+/102737>`_
Credits
-------
diff --git a/osa/OSA-2019-023.rst b/osa/OSA-2019-023.rst
index a38307f..b85459c 100644
--- a/osa/OSA-2019-023.rst
+++ b/osa/OSA-2019-023.rst
@@ -16,7 +16,7 @@ OSA-2019-023: Unprotected APIs/UIs exposed in SO project
Affects
-------
-* SO: Dublin and earlier
+* SO: El Alto and earlier
Description
-----------
@@ -26,7 +26,7 @@ Jakub Botwicz, Wojciech Rauner, Łukasz Wrochna and Radosław Żeszczuk from Sam
Patches
-------
-No patch for this vulnerability has been proposed yet.
+Fix required several patches. More details can be found in `OJSI-203 <https://jira.onap.org/browse/OJSI-203>`_
Credits
-------