diff options
| author |   Krzysztof Opasiak <k.opasiak@samsung.com> | 2019-05-30 23:08:00 +0200 |
|---|---|---|
| committer | Krzysztof Opasiak <k.opasiak@samsung.com> | 2019-05-30 23:08:00 +0200 |
| commit | 5456d52c14612e65ca759f478bc62acc0ef093e3 (patch) | |
| tree | 791d08d0bbdb2c8d2ee794d1b2edb968aab0140b /docs/release-notes.rst | |
| parent | 943d7b2c32d7527cd018cd27f97f1b12a21b8989 (diff) | |
Improve security section of release notes
In order to provide users with more details on project's state in
terms of security let's divide the security release notes into three
sections:
- Fixed Security Issues
Contains a list of security fixes merged during this
release (especially those reported via OJSI tickets).
- Known Security Issues
Contains a list of vulnerabilities detected in project during
release which have not been fixed yet and thus should be mitigated
by the user.
- Known Vulnerabilities in Used Modules
Contains information about NexusIQ scan results
Issue-ID: SECCOM-238
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I856d45e2adbcfcfca05b95d1482487aca950f794
Diffstat (limited to 'docs/release-notes.rst')
| -rw-r--r-- | docs/release-notes.rst | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/docs/release-notes.rst b/docs/release-notes.rst index e5305e0e4..ba8690bfa 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -32,7 +32,13 @@ The main goal of the Dublin release was to: **Security Notes** -CLAMP code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and actions to be taken in future release. +*Fixed Security Issues* + +*Known Security Issues* + +*Known Vulnerabilities in Used Modules* + +CLAMP code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and actions to be taken in future release. The CLAMP open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=64003444>`_. Quick Links: @@ -75,7 +81,7 @@ none none **Known Issues** -one documentation issue was fixed, this issue does not require a new docker image: +one documentation issue was fixed, this issue does not require a new docker image: - `CLAMP-257 <https://jira.onap.org/browse/CLAMP-257>`_ User Manual for CLAMP : nothing on readthedocs. Version: 3.0.3 @@ -108,7 +114,7 @@ The main goal of the Casablanca release was to: **Security Notes** -CLAMP code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and actions to be taken in future release. +CLAMP code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and actions to be taken in future release. The CLAMP open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=42598587>`_. Quick Links: @@ -173,9 +179,9 @@ CLAMP code has been formally scanned during build time using NexusIQ and all Cri Quick Links: - `CLAMP project page <https://wiki.onap.org/display/DW/CLAMP+Project>`_ - + - `Passing Badge information for CLAMP <https://bestpractices.coreinfrastructure.org/en/projects/1197>`_ - + - `Project Vulnerability Review Table for CLAMP <https://wiki.onap.org/pages/viewpage.action?pageId=25440749>`_ **Upgrade Notes** |