1 .. This work is licensed under a Creative Commons Attribution 4.0 International License.
8 :Release Date: 2019-08-19
10 El Alto Early Drop release
14 There are no new features in the El Alto early drop release. The focus of this release is on bug
15 fixes, with a particular emphasis on security fixes.
18 The full list of bug fixes in the El Alto early drop may be found at <https://jira.onap.org/issues/?filter=12018>
20 The following table summarizes some of the most significant issues addressed:
22 +--------------+----------------------------------------------------+
24 +==============+====================================================+
25 | [CCSDK-1445] | loading jdbc driver Exception in ccsdk |
26 +--------------+----------------------------------------------------+
27 | [CCSDK-1443] | cds blueprint processor does not start |
28 +--------------+----------------------------------------------------+
29 | [CCSDK-1240] | CVE-20190-3795 : spring-data-core vulnerability |
30 +--------------+----------------------------------------------------+
31 | [CCSDK-1239] | CVE-2019-3797 : spring-data vulnerability |
32 +--------------+----------------------------------------------------+
33 | [CCSDK-1238] | Multiple CVEs - commons-compress |
34 +--------------+----------------------------------------------------+
35 | [CCSDK-1117] | Remove runtime internet dependency for dgbuilder |
36 +--------------+----------------------------------------------------+
37 | [CCSDK-991] | Upgrade to spring-core 2.8.6 or higher |
38 +--------------+----------------------------------------------------+
39 | [CCSDK-988] | Multiple CVEs - spring-expression < 4.3.17.RELEASE |
40 +--------------+----------------------------------------------------+
41 | [CCSDK-441] | Spring 3 vulnerability CVE-2018-1270 |
42 +--------------+----------------------------------------------------+
45 The full list of known issues in CCSDK may be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=11341>
49 *Fixed Security Issues*
51 *Known Security Issues*
53 * In default deployment CCSDK (netbox-nginx) exposes HTTP port 30420 outside of cluster. [`OJSI-160 <https://jira.onap.org/browse/OJSI-160>`_]
54 * In default deployment CCSDK (cds-ui) exposes HTTP port 30497 outside of cluster. [`OJSI-196 <https://jira.onap.org/browse/OJSI-196>`_]
55 * In default deployment CCSDK (cds-blueprints-processor-http) exposes HTTP port 30499 outside of cluster. [`OJSI-197 <https://jira.onap.org/browse/OJSI-197>`_]
57 *Known Vulnerabilities in Used Modules*
60 - `CCSDK project page <https://wiki.onap.org/display/DW/Common+Controller+SDK+Project>`_
62 - `Passing Badge information for CCSDK <https://bestpractices.coreinfrastructure.org/en/projects/1630>`_
64 - `Project Vulnerability Review Table for CCSDK <https://wiki.onap.org/pages/viewpage.action?pageId=51282469>`_
68 :Release Date: 2019-06-13
70 Note: The Dublin version for most CCSDK repositories is 0.4.4, except for CDS which is version
75 The full list of Dublin epics and user stories for CCSDK may be found at <https://jira.onap.org/issues/?filter=11802>.
77 The following list summarizes some of the most significant epics:
79 +-------------+------------------------------------------------+
81 +=============+================================================+
82 | [CCSDK-575] | Improve E2E Process Automation |
83 +-------------+------------------------------------------------+
84 | [CCSDK-840] | S3P - Footprint Optimization |
85 +-------------+------------------------------------------------+
86 | [CCSDK-859] | Update to OpenDaylight Fluorine |
87 +-------------+------------------------------------------------+
88 | [CCSDK-929] | 5G Use Case |
89 +-------------+------------------------------------------------+
90 | [CCSDK-930] | CCVPN Use Case Extension |
91 +-------------+------------------------------------------------+
95 The full list of bug fixes in the CCSDK Dublin release may be found at <https://jira.onap.org/issues/?filter=11804>
98 The full list of known issues in CCSDK may be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=11341>
102 *Fixed Security Issues*
104 *Known Security Issues*
106 * In default deployment CCSDK (netbox-nginx) exposes HTTP port 30420 outside of cluster. [`OJSI-160 <https://jira.onap.org/browse/OJSI-160>`_]
107 * In default deployment CCSDK (cds-ui) exposes HTTP port 30497 outside of cluster. [`OJSI-196 <https://jira.onap.org/browse/OJSI-196>`_]
108 * In default deployment CCSDK (cds-blueprints-processor-http) exposes HTTP port 30499 outside of cluster. [`OJSI-197 <https://jira.onap.org/browse/OJSI-197>`_]
110 *Known Vulnerabilities in Used Modules*
113 - `CCSDK project page <https://wiki.onap.org/display/DW/Common+Controller+SDK+Project>`_
115 - `Passing Badge information for CCSDK <https://bestpractices.coreinfrastructure.org/en/projects/1630>`_
117 - `Project Vulnerability Review Table for CCSDK <https://wiki.onap.org/pages/viewpage.action?pageId=51282469>`_
122 :Release Date: 2019-01-30
125 The following bugs are fixed in the CCSDK Casablanca January 2019 maintenance release:
127 +-------------+-------------------------------------------------------------------------------+
128 | Jira # | Abstract |
129 +=============+===============================================================================+
130 | [CCSDK-727] | Do not prepend "sub" for subnet net id |
131 +-------------+-------------------------------------------------------------------------------+
132 | [CCSDK-728] | Self serve DG adjustement for unassign |
133 +-------------+-------------------------------------------------------------------------------+
134 | [CCSDK-740] | Restore inventory-response-item definition to the original version |
135 +-------------+-------------------------------------------------------------------------------+
136 | [CCSDK-765] | Upgrade jackson version to 2.8.9 |
137 +-------------+-------------------------------------------------------------------------------+
138 | [CCSDK-777] | Release version contains some snapshots |
139 +-------------+-------------------------------------------------------------------------------+
140 | [CCSDK-843] | Compile error due to old snapshot dependency |
141 +-------------+-------------------------------------------------------------------------------+
142 | [CCSDK-935] | restapicall JsonParser failed if response contains : as part of response body |
143 +-------------+-------------------------------------------------------------------------------+
146 The full list of known issues in CCSDK may be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=11341>
149 - `CCSDK project page <https://wiki.onap.org/display/DW/Common+Controller+SDK+Project>`_
151 - `Passing Badge information for CCSDK <https://bestpractices.coreinfrastructure.org/en/projects/1630>`_
153 - `Project Vulnerability Review Table for CCSDK <https://wiki.onap.org/pages/viewpage.action?pageId=45300857>`_
158 :Release Date: 2018-11-30
162 The full list of Casablanca epics and user stories for CCSDK maybe be found at <https://jira.onap.org/issues/?filter=11516>.
164 The following list summarizes some of the most significant epics:
166 +-------------+------------------------------------------------+
167 | Jira # | Abstract |
168 +=============+================================================+
169 | [CCSDK-279] | Update to OpenDaylight Oxygen release |
170 +-------------+------------------------------------------------+
171 | [CCSDK-357] | Develop Controller Design Studio in Casablanca |
172 +-------------+------------------------------------------------+
173 | [CCSDK-324] | Enhancements to support CCVPN use case |
174 +-------------+------------------------------------------------+
175 | [CCSDK-288] | Usability Enhancements |
176 +-------------+------------------------------------------------+
179 The full list of bug fixes in the CCSDK Casablanca release may be found at <https://jira.onap.org/issues/?filter=11544>
182 The full list of known issues in CCSDK may be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=11341>
185 - `CCSDK project page <https://wiki.onap.org/display/DW/Common+Controller+SDK+Project>`_
187 - `Passing Badge information for CCSDK <https://bestpractices.coreinfrastructure.org/en/projects/1630>`_
189 - `Project Vulnerability Review Table for CCSDK <https://wiki.onap.org/pages/viewpage.action?pageId=45300857>`_
195 :Release Date: 2018-06-07
201 The full list of Beijing Epics and user stories for CCSDK may be found at <https://jira.onap.org/issues/?filter=10792>. The following
202 list summarizes some of the more critical features:
204 +--------------+-----------------------------------------------------------------------------------------------+
205 | Jira # | Abstract |
206 +==============+===============================================================================================+
207 | [CCSDK-222] | Ansible server support <https://jira.onap.org/browse/CCSDK-222> |
208 +--------------+-----------------------------------------------------------------------------------------------+
209 | [CCSDK-191] | enable fast loading of graphs <https://jira.onap.org/browse/CCSDK-191> |
210 +--------------+-----------------------------------------------------------------------------------------------+
211 | [CCSDK-179] | Upgrade CCSDK ODL containers to Nitrogen <https://jira.onap.org/browse/CCSDK-179> |
212 +--------------+-----------------------------------------------------------------------------------------------+
213 | [CCSDK-177] | Upgrade sli/northbound to Nitrogen <https://jira.onap.org/browse/CCSDK-177> |
214 +--------------+-----------------------------------------------------------------------------------------------+
215 | [CCSDK-176] | Upgrade sli/adaptors to Nitrogen <https://jira.onap.org/browse/CCSDK-176> |
216 +--------------+-----------------------------------------------------------------------------------------------+
217 | [CCSDK-175] | Upgrade sli/core to Nitrogen <https://jira.onap.org/browse/CCSDK-175> |
218 +--------------+-----------------------------------------------------------------------------------------------+
219 | [CCSDK-174] | Update ccsdk parent to support Nitrogen parent poms <https://jira.onap.org/browse/CCSDK-174> |
220 +--------------+-----------------------------------------------------------------------------------------------+
221 | [CCSDK-172] | Ability to call Ansible playbook from directed graph <https://jira.onap.org/browse/CCSDK-172> |
222 +--------------+-----------------------------------------------------------------------------------------------+
226 The full list of bug fixes in the CCSDK Beijing release may be found at <https://jira.onap.org/issues/?filter=11117>
230 +--------------+-----------------------------------------------------------------------------------------------------+
231 | Jira # | Abstract |
232 +==============+=====================================================================================================+
233 | [CCSDK-136] | pgaas is dependent on location\_prefix being all lowercase <https://jira.onap.org/browse/CCSDK-136> |
234 +--------------+-----------------------------------------------------------------------------------------------------+
238 CCSDK code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The CCSDK open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=28379011>`_.
241 - `CCSDK project page <https://wiki.onap.org/display/DW/Common+Controller+SDK+Project>`_
243 - `Passing Badge information for CCSDK <https://bestpractices.coreinfrastructure.org/en/projects/1630>`_
245 - `Project Vulnerability Review Table for CCSDK <https://wiki.onap.org/pages/viewpage.action?pageId=28379011>`_
251 **Deprecation Notes**
264 :Release Date: 2017-11-16
270 The Common Controller SDK provides the following functionality :
271 - Service Logic Interpreter
272 - Database access library (dblib)
273 - Service Logic test api (sliapi)
274 - MD-SAL data query adaptor
285 - `CCSDK-110 <https://jira.onap.org/browse/CCSDK-110>`_ Resolve license issues in dashboard project
286 - `CCSDK-136 <https://jira.onap.org/browse/CCSDK-136>`_ pgaas is dependent on location_prefix being all lowercase
287 - `CCSDK-137 <https://jira.onap.org/browse/CCSDK-137>`_ isolate deprecated methods
290 You may want to include a reference to CVE (Common Vulnerabilities and Exposures) `CVE <https://cve.mitre.org>`_
295 **Deprecation Notes**