+Known Vulnerabilities
+~~~~~~~~~~~~~~~~~~~~~
+.. list-table::
+ :widths: 8 3 5 15
+ :header-rows: 1
+
+ * - Dependency
+ - Security Threat Level
+ - Policy Framework Components
+ - Comment
+ * - com.fasterxml.jackson.core:jackson-core:2.14.1 (2.15.1)
+ - 10
+ - | policy/common (D)
+ | policy/models (T)
+ | policy/api (T)
+ | policy/pap (T)
+ | policy/distribution (T)
+ | policy/clamp (T)
+ | policy/gui (T)
+ | policy/apex-pdp (T)
+ | policy/xacml-pdp (T)
+ | policy/drools-pdp (T)
+ | policy/drools-applications (T)
+ - Used in the implementation of policy endpoints
+ * - com.google.protobuf:protobuf-java:3.10.0
+ - 10
+ - | policy/models (T)
+ | policy/clamp (T)
+ | policy/apex-pdp (T)
+ | policy/drools-applications (T)
+ - Transitive dependency pulled in by CDS/Spring/Springboot
+ * - com.squareup.okhttp3:okhttp:4.9.1
+ - 10
+ - | policy/clamp (T)
+ - Transitive dependency pulled in by Spring/Springboot
+ * - com.sthoughtworks.xstrea:xstream:1.4.19
+ - 10
+ - | policy/drools-pdp (T)
+ - Transitive dependency pulled in by Drools rules
+ * - net.minidev:json-smart:2.4.6
+ - 10
+ - | policy/models (T)
+ | policy/apex-pdp (T)
+ | policy/drools-applications (T)
+ - Transitive dependency pulled in by CDS
+ * - io.grpc:grpc-core:1.25.0
+ - 6
+ - | policy/models (T)
+ | policy/apex-pdp (T)
+ | policy/drools-applications (T)
+ - Transitive dependency pulled in by CDS
+ * - org.apache.maven:maven-model:3.8.6
+ - 6
+ - | policy/drools-pdp (T)
+ - Transitive dependency pulled in to handle artifact generation
+ * - org.apache.tomcat.embed:tomcat-embed-core:9.0.71
+ - 10
+ - | policy/api (T)
+ | policy/pap (T)
+ | policy/clamp (T)
+ - Transitive dependency pulled in by org.springframework.boot:spring-boot-starter-web
+ * - org.bouncycastle:bc.fips:1.0.2.3
+ - 6
+ - | policy/common (T)
+ | policy/models (T)
+ | policy/distribution (T)
+ | policy/apex-pdp (T)
+ - Transitive dependency pulled in by org.bouncycastle:bcpkix-fips:1.0.5 in the utils-test module
+ * - org.eclipse.jetty:jetty-http:10.0.13
+ - 6
+ - | policy/common (T)
+ | policy/models (T)
+ | policy/api (T)
+ | policy/pap (T)
+ | policy/distribution (T)
+ | policy/clamp (T)
+ | policy/gui (T)
+ | policy/apex-pdp (T)
+ | policy/drools-pdp (T)
+ | policy/xacml-pdp (T)
+ | policy/drools-applications (T)
+ - Transitive dependency pulled in by org.eclipse.jetty:jetty-server
+ * - org.eclipse.jetty:jetty-server:10.0.13
+ - 6
+ - | policy/common (D)
+ | policy/models (T)
+ | policy/api (T)
+ | policy/pap (T)
+ | policy/distribution (T)
+ | policy/clamp (T)
+ | policy/gui (T)
+ | policy/apex-pdp (T)
+ | policy/drools-pdp (T)
+ | policy/xacml-pdp (T)
+ | policy/drools-applications (T)
+ - Used in the implementation of policy endpoints
+ * - org.jetbrains.kotlin:kotlin-daemon-client:1.3.61
+ - 6
+ - | policy/models (T)
+ | policy/apex-pdp (T)
+ | policy/drools-applications (T)
+ - Transitive dependency pulled in by CDS
+ * - org.jetbrains.kotlin:kotlin-scripting-jvm:1.3.61
+ - 6
+ - | policy/models (T)
+ | policy/apex-pdp (T)
+ | policy/drools-applications (T)
+ - Transitive dependency pulled in by CDS
+ * - org.springframework:spring-web:5.3.25
+ - 10
+ - | policy/api (T)
+ | policy/pap (T)
+ | policy/clamp (T)
+ | policy/gui (T)
+ - Transitive dependency pulled in by Spring/Springboot
+ * - org.springframework:spring-webmvc:5.3.25
+ - 10
+ - | policy/api (T)
+ | policy/pap (T)
+ | policy/clamp (T)
+ | policy/gui (T)
+ - Transitive dependency pulled in by Spring/Springboot
+ * - org.springframework.boot:spring-boot-actuator-autoconfigure:2.7.8
+ - 10
+ - | policy/api (T)
+ | policy/pap (T)
+ | policy/clamp (T)
+ | policy/gui (T)
+ - Transitive dependency pulled in by Spring/Springboot
+ * - org.springframework.boot:spring-boot-autoconfigure:2.7.8
+ - 10
+ - | policy/models (T)
+ | policy/api (T)
+ | policy/pap (T)
+ | policy/clamp (T)
+ | policy/gui (T)
+ | policy/apex-pdp (T)
+ | policy/drools-applications (T)
+ - Transitive dependency pulled in by Spring/Springboot
+ * - org.springframework.security:spring-security-config:5.7.6
+ - 10
+ - | policy/api (T)
+ | policy/pap (T)
+ | policy/clamp (T)
+ - Transitive dependency pulled in by Spring/Springboot
+ * - org.springframework.security:spring-security-web:5.7.6
+ - 10
+ - | policy/api (T)
+ | policy/pap (T)
+ | policy/clamp (T)
+ - Transitive dependency pulled in by Spring/Springboot
+ * - org.webjars:jquery-ui:1.12.1
+ - 6
+ - | policy/gui (T)
+ - Used by GUI for doing jquery queries
+
+Workarounds
+~~~~~~~~~~~
+N/A
+
+Security Notes
+==============
+
+Upgrading to Spring 6 and Springboot 3 is required to remove security vulnerabilities above. This change requries moving to Java 17.
+This change will be done in the Montreal release of the Policy Framework. See `POLICY-4665 <https://jira.onap.org/browse/POLICY-4665>`_.
+
+Functional Improvements
+=======================
+| `POLICY-4395 <https://jira.onap.org/browse/POLICY-4395>`_ - R12: Database related issues
+| `POLICY-4184 <https://jira.onap.org/browse/POLICY-4184>`_ - ACM Support for MySql 8.x DB client interfaces
+| `POLICY-4358 <https://jira.onap.org/browse/POLICY-4358>`_ - Support secured DB communications for CLAMP/ACM
+| `POLICY-4401 <https://jira.onap.org/browse/POLICY-4401>`_ - R12: Improvements specific to clamp
+| `POLICY-4282 <https://jira.onap.org/browse/POLICY-4282>`_ - Test and Verification of ACM State Management
+| `POLICY-4330 <https://jira.onap.org/browse/POLICY-4330>`_ - Add Prometheus metric messages for ACM
+| `POLICY-4413 <https://jira.onap.org/browse/POLICY-4413>`_ - Refactor the state machines in CLAMP ACM-R and the Participant Intermediary
+| `POLICY-4418 <https://jira.onap.org/browse/POLICY-4418>`_ - Remove old implementation of statistics in ACM
+| `POLICY-4458 <https://jira.onap.org/browse/POLICY-4458>`_ - Create a Participant for A1-PMS
+| `POLICY-4525 <https://jira.onap.org/browse/POLICY-4525>`_ - Create a Participant for KServe
+| `POLICY-4563 <https://jira.onap.org/browse/POLICY-4563>`_ - ACM manual and automation tests
+| `POLICY-4639 <https://jira.onap.org/browse/POLICY-4639>`_ - UseState and OperationalState support in ACM
+
+Necessary Improvements and Bug Fixes
+====================================
+
+Necessary Improvements
+~~~~~~~~~~~~~~~~~~~~~~
+| `POLICY-4122 <https://jira.onap.org/browse/POLICY-4122>`_ - R12: Refactoring and Removal of Unused Code
+| `POLICY-4138 <https://jira.onap.org/browse/POLICY-4138>`_ - Transfer the API handling from the clamp-backend microservice to another microservice
+| `POLICY-4139 <https://jira.onap.org/browse/POLICY-4139>`_ - Remove the clamp-backend microservice
+| `POLICY-4140 <https://jira.onap.org/browse/POLICY-4140>`_ - Ensure that all unit tests and automated integration and S3P tests still pass when the unused code is removed
+| `POLICY-4157 <https://jira.onap.org/browse/POLICY-4157>`_ - Investigation story For Server-Client in PF
+| `POLICY-4123 <https://jira.onap.org/browse/POLICY-4123>`_ - R12: OpenAPI Adaption and Swagger Cleanup
+| `POLICY-3368 <https://jira.onap.org/browse/POLICY-3368>`_ - Revise Rest API conventions and structure
+| `POLICY-3465 <https://jira.onap.org/browse/POLICY-3465>`_ - Upgrade Swagger to io.swagger.core.v3
+| `POLICY-4143 <https://jira.onap.org/browse/POLICY-4143>`_ - Generate Contract Testing stubs from OpenAPI specifications
+| `POLICY-4144 <https://jira.onap.org/browse/POLICY-4144>`_ - Ensure that all unit tests and automated integration and S3P tests still pass when the OpenAPI approach is reversed
+| `POLICY-4158 <https://jira.onap.org/browse/POLICY-4158>`_ - Open API Specifications as a Source Artifacts ACM
+| `POLICY-4159 <https://jira.onap.org/browse/POLICY-4159>`_ - Maven build for OpenAPI Interface Generation
+| `POLICY-4160 <https://jira.onap.org/browse/POLICY-4160>`_ - Rest endpoint implementation code Acm
+| `POLICY-4162 <https://jira.onap.org/browse/POLICY-4162>`_ - Spike to understand OpenAPI Adaption
+| `POLICY-4404 <https://jira.onap.org/browse/POLICY-4404>`_ - Remove SpringFox from Policy Framework
+| `POLICY-4448 <https://jira.onap.org/browse/POLICY-4448>`_ - Rest endpoint implementation code Api and Pap
+| `POLICY-4124 <https://jira.onap.org/browse/POLICY-4124>`_ - R12: Add metrics to measure SLAs
+| `POLICY-4145 <https://jira.onap.org/browse/POLICY-4145>`_ - Enable Observability and Performance Management
+| `POLICY-4147 <https://jira.onap.org/browse/POLICY-4147>`_ - Add Prometheus counters for measuring APEX PDP performance SLAs
+| `POLICY-4148 <https://jira.onap.org/browse/POLICY-4148>`_ - Check counter names for consistency
+| `POLICY-4149 <https://jira.onap.org/browse/POLICY-4149>`_ - Verify that the counters are being produced
+| `POLICY-4165 <https://jira.onap.org/browse/POLICY-4165>`_ - SLAs from Global Requirements
+| `POLICY-4469 <https://jira.onap.org/browse/POLICY-4469>`_ - SLAs on REST Interfaces for Async Requests
+| `POLICY-4125 <https://jira.onap.org/browse/POLICY-4125>`_ - R12: New Test Development
+| `POLICY-4150 <https://jira.onap.org/browse/POLICY-4150>`_ - Add the tests to the automated test suite in the Policy Framework
+| `POLICY-4151 <https://jira.onap.org/browse/POLICY-4151>`_ - Add tests that check SLA compliance
+| `POLICY-4152 <https://jira.onap.org/browse/POLICY-4152>`_ - Execute the new tests
+| `POLICY-4164 <https://jira.onap.org/browse/POLICY-4164>`_ - Verify SLAs on Policy Execution in PDPs
+| `POLICY-4571 <https://jira.onap.org/browse/POLICY-4571>`_ - S3P Test to check multiple PDP registration
+| `POLICY-4655 <https://jira.onap.org/browse/POLICY-4655>`_ - Remove k8s based csit from jenkins
+| `POLICY-4126 <https://jira.onap.org/browse/POLICY-4126>`_ - R12: Improve Automated Testing and Policy Framework S3P Tests
+| `POLICY-4111 <https://jira.onap.org/browse/POLICY-4111>`_ - S3P testing of APEX-PDP prometheus metrics
+| `POLICY-4153 <https://jira.onap.org/browse/POLICY-4153>`_ - Ensure reports on SLA compliance are generated by test execution
+| `POLICY-4154 <https://jira.onap.org/browse/POLICY-4154>`_ - Write a suite of automated contract tests.
+| `POLICY-4155 <https://jira.onap.org/browse/POLICY-4155>`_ - Add the tests to the automated test suite in the Policy Framework
+| `POLICY-4156 <https://jira.onap.org/browse/POLICY-4156>`_ - Automate the current S3P test suites in the Policy Framework
+| `POLICY-4417 <https://jira.onap.org/browse/POLICY-4417>`_ - Support Policy CSIT tests in kubernetes environment with helm chart
+| `POLICY-4501 <https://jira.onap.org/browse/POLICY-4501>`_ - Add ACM demo service template example in clamp
+| `POLICY-4127 <https://jira.onap.org/browse/POLICY-4127>`_ - R12: Enhance Policy Framework Documentation
+| `POLICY-4581 <https://jira.onap.org/browse/POLICY-4581>`_ - Policy Offered APIs
+| `POLICY-4583 <https://jira.onap.org/browse/POLICY-4583>`_ - Update Policy Platform Development Tools documentation
+| `POLICY-4586 <https://jira.onap.org/browse/POLICY-4586>`_ - Review and update the ACM design documentation
+| `POLICY-4587 <https://jira.onap.org/browse/POLICY-4587>`_ - Write documentation for Composition and participant development in ACM
+| `POLICY-4396 <https://jira.onap.org/browse/POLICY-4396>`_ - R12: Improvements specific to apex-pdp
+| `POLICY-4411 <https://jira.onap.org/browse/POLICY-4411>`_ - Make apex-pdp dockerfile consistent
+| `POLICY-4460 <https://jira.onap.org/browse/POLICY-4460>`_ - Add documentation for KafkaAvroSerializer support in apex-pdp
+| `POLICY-4397 <https://jira.onap.org/browse/POLICY-4397>`_ - R12: Improvements specific to xacml-pdp
+| `POLICY-4218 <https://jira.onap.org/browse/POLICY-4218>`_ - Add handling of references in the XACML-PDP Tutorial code to the release scripts
+| `POLICY-4398 <https://jira.onap.org/browse/POLICY-4398>`_ - R12: Improvements specific to drools-pdp and drools-applications
+| `POLICY-4405 <https://jira.onap.org/browse/POLICY-4405>`_ - Mitigate vulnerable dependencies in drools-pdp
+| `POLICY-4399 <https://jira.onap.org/browse/POLICY-4399>`_ - R12: Improvements to api/pap and policy handling
+| `POLICY-4451 <https://jira.onap.org/browse/POLICY-4451>`_ - Policy PAP hard codes topic names
+| `POLICY-4455 <https://jira.onap.org/browse/POLICY-4455>`_ - Make topics in PAP configurable
+| `POLICY-4463 <https://jira.onap.org/browse/POLICY-4463>`_ - Fix pap csit with topics names
+| `POLICY-4407 <https://jira.onap.org/browse/POLICY-4407>`_ - R12: Software (non functional) improvements
+| `POLICY-4360 <https://jira.onap.org/browse/POLICY-4360>`_ - Fix grafana compose
+| `POLICY-4466 <https://jira.onap.org/browse/POLICY-4466>`_ - Move duplicate POM config for git-commit-id-maven-plugin to policy/parent
+| `POLICY-4471 <https://jira.onap.org/browse/POLICY-4471>`_ - Check and repair CSIT jobs
+| `POLICY-4474 <https://jira.onap.org/browse/POLICY-4474>`_ - Ensure code coverage in all components is over 80%
+| `POLICY-4482 <https://jira.onap.org/browse/POLICY-4482>`_ - Mitigate Vulnerabilities in Dependencies of Policy Components
+| `POLICY-4484 <https://jira.onap.org/browse/POLICY-4484>`_ - Perform Interim Release of Policy Framework for London
+| `POLICY-4536 <https://jira.onap.org/browse/POLICY-4536>`_ - Fix Sonar issues in PF components
+| `POLICY-4547 <https://jira.onap.org/browse/POLICY-4547>`_ - Fix issue in StartAndStop Activator Test
+| `POLICY-4549 <https://jira.onap.org/browse/POLICY-4549>`_ - Improve MariaDB sqls for db-migrator
+| `POLICY-4558 <https://jira.onap.org/browse/POLICY-4558>`_ - Remove Integration Docker base images from Policy Framework base images
+| `POLICY-4570 <https://jira.onap.org/browse/POLICY-4570>`_ - Policy Framework Interim Release
+| `POLICY-4578 <https://jira.onap.org/browse/POLICY-4578>`_ - Update vulnerabilities in Policy Components
+| `POLICY-4628 <https://jira.onap.org/browse/POLICY-4628>`_ - Update sdc-distribution-client to 2.0.1
+| `POLICY-4638 <https://jira.onap.org/browse/POLICY-4638>`_ - Restructure policy-gui
+| `POLICY-4648 <https://jira.onap.org/browse/POLICY-4648>`_ - Release images for M4
+| `POLICY-4680 <https://jira.onap.org/browse/POLICY-4680>`_ - Pin versions of python libraries in csit configuration
+| `REQ-439 <https://jira.onap.org/browse/REQ-439>`_ - Continuation of Package Upgrades in Direct Dependencies
+| `POLICY-4472 <https://jira.onap.org/browse/POLICY-4472>`_ - Packages Upgrades in Direct Dependencies for London Release
+
+Bug Fixes
+~~~~~~~~~
+| `POLICY-4649 <https://jira.onap.org/browse/POLICY-4649>`_ - Fix postgres script syntax errors
+| `POLICY-4625 <https://jira.onap.org/browse/POLICY-4625>`_ - Participant primed status is not updated correctly in the runtime
+| `POLICY-4623 <https://jira.onap.org/browse/POLICY-4623>`_ - Fix Anchor installing-or-upgrading-policy in docs
+| `POLICY-4576 <https://jira.onap.org/browse/POLICY-4576>`_ - Omission in release script to update oom images
+| `POLICY-4575 <https://jira.onap.org/browse/POLICY-4575>`_ - Fix ClassCastException in ACM
+| `POLICY-4562 <https://jira.onap.org/browse/POLICY-4562>`_ - Sonar hotspot Interrupted Exception
+| `POLICY-4561 <https://jira.onap.org/browse/POLICY-4561>`_ - Fix UNDEPLOY transition in policyParticipant in ACM
+| `POLICY-4560 <https://jira.onap.org/browse/POLICY-4560>`_ - Fix participantHtml issue with multi instances in ACM
+| `POLICY-4537 <https://jira.onap.org/browse/POLICY-4537>`_ - Policy DB scripts are bound to fixed MariaDB version
+| `POLICY-4527 <https://jira.onap.org/browse/POLICY-4527>`_ - Galera jobs must use repositoryGenerator quitQuit images
+| `POLICY-4491 <https://jira.onap.org/browse/POLICY-4491>`_ - Fix PAP CSIT intermittent failure
+| `POLICY-4490 <https://jira.onap.org/browse/POLICY-4490>`_ - Disable ACM CSITs due to ongoing work
+| `POLICY-4486 <https://jira.onap.org/browse/POLICY-4486>`_ - Fix copy contructor in DocToscaServiceTemplate in ACM
+| `POLICY-4473 <https://jira.onap.org/browse/POLICY-4473>`_ - Clamp ACM dockersuse profile not working
+| `POLICY-4429 <https://jira.onap.org/browse/POLICY-4429>`_ - PDP-X guard table creation script problems with = in password
+| `POLICY-4410 <https://jira.onap.org/browse/POLICY-4410>`_ - Fix ACM stability and performance jmx configuration for random failures
+| `POLICY-4381 <https://jira.onap.org/browse/POLICY-4381>`_ - The REST path of ACM endpoints is not configurable via Spring properties
+
+References
+==========
+
+For more information on the ONAP London release, please see:
+
+#. `ONAP Home Page`_
+#. `ONAP Documentation`_
+#. `ONAP Release Downloads`_
+#. `ONAP Wiki Page`_
+
+.. _`ONAP Home Page`: https://www.onap.org
+.. _`ONAP Wiki Page`: https://wiki.onap.org
+.. _`ONAP Documentation`: https://docs.onap.org
+.. _`ONAP Release Downloads`: https://git.onap.org
+
+Quick Links:
+ - `POLICY project page`_
+ - `Passing Badge information for POLICY`_
+
+.. ==========================
+.. * * * KOHN * * *
+.. ==========================
+
+Version: 11.0.0
+---------------
+
+:Release Date: 2022-11-20 (Kohn Release)
+
+Artifacts released:
+
+.. list-table::
+ :widths: 15 10 10
+ :header-rows: 1
+
+ * - Repository
+ - Java Artifact
+ - Docker Image (if applicable)
+ * - policy/parent
+ - 3.6.1
+ - N/A
+ * - policy/docker
+ - 2.5.1
+ - | policy-jre-alpine
+ | policy-jdk-alpine
+ | policy-db-migrator
+ * - policy/common
+ - 1.11.1
+ - N/A
+ * - policy/models
+ - 2.7.2
+ - N/A
+ * - policy/api
+ - 2.7.2
+ - policy-api
+ * - policy/pap
+ - 2.7.2
+ - policy-pap
+ * - policy/apex-pdp
+ - 2.8.2
+ - policy-apex-pdp
+ * - policy/drools-pdp
+ - 1.11.2
+ - policy-drools
+ * - policy/xacml-pdp
+ - 2.7.2
+ - policy-xacml-pdp
+ * - policy/distribution
+ - 2.8.2
+ - policy-distribution
+ * - policy/clamp
+ - 6.3.2
+ - | policy-clamp-ac-pf-ppnt
+ | policy-clamp-ac-k8s-ppnt
+ | policy-clamp-ac-http-ppnt
+ | policy-clamp-runtime-acm'
+ * - policy/gui
+ - 2.3.2
+ - policy-gui
+ * - policy/drools-applications
+ - 1.11.2
+ - policy-pdpd-cl
+
+Key Updates
+===========
+
+* Support for O1 and A1 Policy Payloads in the 5G SON use Case
+
+ The 5G SON policy is updated to allow O1 and A1 Policy payloads to be passed to SDN-R. Now, policies can pass O1 and
+ A1 Policy payloads.
+
+ See:
+ - `REQ-1212 <https://jira.onap.org/browse/REQ-1212>`_ - 5G SON use case enhancements for Kohn release
+ - `POLICY-4108 <https://jira.onap.org/browse/POLICY-4108>`_ Control Loop Policy for A1-based action for SON
+ Use Case
+
+
+* Native Kafka messaging bewtween Policy Framework components
+
+ The Policy Framework can now be configured to use Kafka for asynchronous communication between PAP and PDPs and
+ between CLAMP ACM Runtime and Participants. Kafka messaging is an alternative to using DMaaP MR for asynchronous
+ messaging. The Policy Framework components are configured to use either DMaaP or Kafka messaging, with DMaaP
+ being the default. This change is supported by APEX-PDP in this release and will be supported DROOLS-PDP and XACML-PDP
+ in future releases.
+
+ See:
+ - `POLICY-4121 <https://jira.onap.org/browse/POLICY-4121>`_ - R11: DMaaP and Kafka updates
+
+* Support for Secured Database Communication
+
+ Database communiction with MariaDB, MySql, or PostgreSQL can be configured to be secure. Secure database communication
+ is introduced for API, PAP, DROOLS-PDP and XACML-PDP. Support for secure database communication will be introduced in
+ CLAMP ACM in a future release.
+
+ See:
+ - `POLICY-4176 <https://jira.onap.org/browse/POLICY-4176>`_ - Support Secured Database Connections
+
+* Support for MySql 8
+
+ The Policy Framework can use MySql 8 for persistence in addition to MariaDb and Postgres. Interoperability with MySql
+ 8 has been added for DB-MIGRATOR, API, PAP, DROOLS-PDP, XACML-PDP, and CLAM ACM.
+
+ See:
+ - `POLICY-4314 <https://jira.onap.org/browse/POLICY-4314>`_ - Support for MySql 8.x DB client interfaces
+
+* Support for Service Mesh
+
+ All Policy Framework components and images support service mesh and are service mesh compatible. The OOM charts for
+ all Policy Framework components have been updated to supprot configuration for Service Mesh. In addition, some minor
+ bugs in startup scripts were fixed to allow HTTP or HTTPS to be configured on components.
+
+* XACML-PDP improvements
+
+ - Support for XACML 3.1 introduced
+ - Exposure of application level metrics
+ - Support for Postgres database as well as MariaDB
+ - Support for DCAE TCAGEN2 monitoring app changes
+ - Logging to standard output
+ - XACML tutorial updated and improved
+
+ See:
+ - `POLICY-4049 <https://jira.onap.org/browse/POLICY-4049>`_ - R11: Improvements specific to xacml-pdp
+
+* DROOLS-PDP and DROOLS-Applications improvements
+
+ - Latest Drools libraries supported
+ - JDBC pooling libraries upgraded
+
+ See:
+ - `POLICY-4050 <https://jira.onap.org/browse/POLICY-4050>`_ - R11: Improvements specific to drools-pdp and drools-applications
+
+* APEX-PDP Improvements
+
+ - Support for event definitions in JSON as well as AVRO is added
+ - Support for Metadata Set generation from the APEX CLI editor
+ - Support for deserialization of messages encoded in Avro carried over Kafka
+
+ See:
+ - `POLICY-4048 <https://jira.onap.org/browse/POLICY-4048>`_ - R11: Improvements specific to apex-pdp
+
+* Policy-Distribution Improvements
+
+ - Configuration added to allow distribution of CLAMP ACM compositions
+ - Policy distribution re-synchs if SDC is reinstalled
+
+ See:
+ - `POLICY-4052 <https://jira.onap.org/browse/POLICY-4052>`_ - R11: Improvements to distribution
+
+* CLAMP Improvements
+
+ - Instance properties can be edited
+ - Helm repository can be configured in the Kubernetes participant
+
+ See:
+ - `POLICY-4053 <https://jira.onap.org/browse/POLICY-4053>`_ - R11: Improvements specific to clamp
+
+* System Attribute Improvements
+ - Demo Grafana dashboards available for policy framework components
+ - All parameters in Helm Charts have default values
+ - Springboot dependency handling improved in policy-parent
+ - CSITs amended to use HTTP rather than HTTPS and to use released image versions from Nexus when snapshot image
+ versions are not available
+ - Updates to database drivers to latest versions
+
+Known Limitations, Issues and Workarounds
+=========================================
+
+System Limitations
+~~~~~~~~~~~~~~~~~~
+N/A
+
+Known Vulnerabilities
+~~~~~~~~~~~~~~~~~~~~~
+.. list-table::
+ :widths: 8 3 5 15
+ :header-rows: 1
+
+ * - Dependency
+ - Security Threat Level
+ - Policy Framework Components
+ - Comment
+ * - io.grpc:grpc-core:1.25.0
+ - 6
+ - | policy/models
+ | policy/apex-pdp
+ - Transitive dependency pulled in by the CDS project
+ * - io.springfox:springfox-swagger-ui:3.0.0
+ - 6
+ - | policy/api
+ | policy/pap
+ | policy/clamp
+ - Dependency used to generate Swagger files from annotations
+ * - io.springfox:springfox-swagger2:3.0.0
+ - 6
+ - | policy/api
+ | policy/pap
+ | policy/clamp
+ - Dependency used to generate Swagger files from annotations
+ * - io.projectreactor.netty:reactor-netty-core:1.0.19
+ - 6
+ - | policy/clamp
+ - TBC
+ * - io.projectreactor.netty:reactor-netty-http:1.0.19
+ - 6
+ - | policy/clamp
+ - TBC
+ * - org.webjars jquery-ui 1.12.1
+ - 6
+ - | policy/gui
+ - TBC
+ * - com.thoughtworks.xstream:xstream:1.4.17
+ - 10
+ - | policy/drools-pdp
+ - Pulled in by the Drools rule engine
+ * - org.apache.maven:maven-compat:3.3.9
+ - 10
+ - | policy/drools-pdp
+ - Pulled in by the Drools rule engine
+ * - org.apache.maven:maven-core:3.3.9
+ - 10
+ - | policy/drools-pdp
+ - Pulled in by the Drools rule engine
+ * - org.apache.maven:maven-settings:3.3.9
+ - 10
+ - | policy/drools-pdp
+ - Pulled in by the Drools rule engine
+ * - org.jsoup:jsoup:1.7.2
+ - 10
+ - | policy/drools-pdp
+ - Pulled in by the Drools rule engine
+
+Workarounds
+~~~~~~~~~~~
+N/A
+
+Security Notes
+==============
+.. list-table::
+ :widths: 8 3 5 15
+ :header-rows: 1
+
+ * - Dependency
+ - Security Threat Level
+ - Policy Framework Components
+ - Comment
+ * - org.springframework:spring-web:5.3.22
+ - 10
+ - | policy/common
+ | policy/api
+ | policy/pap
+ | policy/clamp
+ | policy/gui
+ - Threat only applies when serialising and deserialising Java Objects, which the Policy Framework does not do
+
+Functional Improvements
+=======================
+| `POLICY-4108 <https://jira.onap.org/browse/POLICY-4108>`_ - Control Loop Policy for A1-based action for SON Use Case
+| `POLICY-4356 <https://jira.onap.org/browse/POLICY-4356>`_ - 5g son policy models changes
+| `POLICY-4357 <https://jira.onap.org/browse/POLICY-4357>`_ - 5g son policy drools apps changes
+
+| `POLICY-4121 <https://jira.onap.org/browse/POLICY-4121>`_ - R11: DMaaP and Kafka updates
+| `POLICY-4131 <https://jira.onap.org/browse/POLICY-4131>`_ - Update the DMaaP client in the Policy Framework common utility library.
+| `POLICY-4132 <https://jira.onap.org/browse/POLICY-4132>`_ - Check that all asynchronous messaging continues to work with updated DMaaP client
+| `POLICY-4133 <https://jira.onap.org/browse/POLICY-4133>`_ - Add a Kafka client in the Policy Framework common utility library.
+| `POLICY-4134 <https://jira.onap.org/browse/POLICY-4134>`_ - Configure the Policy Framework components to use Kafka along with DMaaP
+| `POLICY-4135 <https://jira.onap.org/browse/POLICY-4135>`_ - Check that all asynchronous messaging continues to work with Kafka messaging
+| `POLICY-4313 <https://jira.onap.org/browse/POLICY-4313>`_ - Move kafka version management to policy/parent/integration
+| `POLICY-4204 <https://jira.onap.org/browse/POLICY-4204>`_ - OOM experimentation using strimzi
+| `POLICY-4146 <https://jira.onap.org/browse/POLICY-4146>`_ - Add Prometheus counters for measuring SLAs on ACM REST endpoints
+| `POLICY-4163 <https://jira.onap.org/browse/POLICY-4163>`_ - SLAs on REST Interfaces
+| `POLICY-4166 <https://jira.onap.org/browse/POLICY-4166>`_ - Spike to understand metrics to measure SLAs
+| `POLICY-4220 <https://jira.onap.org/browse/POLICY-4220>`_ - CSIT does not display logs for some containers
+| `POLICY-4086 <https://jira.onap.org/browse/POLICY-4086>`_ - Improve CSIT to use proper currentInstanceCount value in PdpGroups
+| `POLICY-4338 <https://jira.onap.org/browse/POLICY-4338>`_ - Convert CSITs to use HTTP rather than HTTPS
+| `POLICY-4167 <https://jira.onap.org/browse/POLICY-4167>`_ - Add build instruction in readme
+
+| `POLICY-4120 <https://jira.onap.org/browse/POLICY-4120>`_ - R11: SUSE flavoured images in the Policy Framework
+| `POLICY-4128 <https://jira.onap.org/browse/POLICY-4128>`_ - Create an OpenSuse docker file equivalent to the existing Alpine docker file for each image in the Policy Framework
+| `POLICY-4129 <https://jira.onap.org/browse/POLICY-4129>`_ - Add a build profile to each repo build to trigger generation of Suse flavoured images
+| `POLICY-4130 <https://jira.onap.org/browse/POLICY-4130>`_ - Add OCI Image spec labels to both Alpine and OpenSuse docker files
+| `POLICY-4208 <https://jira.onap.org/browse/POLICY-4208>`_ - Reduce size of docker images
+| `POLICY-4278 <https://jira.onap.org/browse/POLICY-4278>`_ - Upgrade OpenSuse to version 15.4
+| `POLICY-4334 <https://jira.onap.org/browse/POLICY-4334>`_ - Allow setting external dockerfile
+
+| `POLICY-3642 <https://jira.onap.org/browse/POLICY-3642>`_ - R11: Database and TOSCA related issues
+| `POLICY-1749 <https://jira.onap.org/browse/POLICY-1749>`_ - Resolve specification of policy type versions in policies in TOSCA
+| `POLICY-2540 <https://jira.onap.org/browse/POLICY-2540>`_ - Proper handling of data types in policy-models and policy-api
+| `POLICY-3236 <https://jira.onap.org/browse/POLICY-3236>`_ - Adjust flexibility of Tosca Service Template Handling
+| `POLICY-4067 <https://jira.onap.org/browse/POLICY-4067>`_ - Fetch all versions of a policyType API returning only the latest version
+| `POLICY-4176 <https://jira.onap.org/browse/POLICY-4176>`_ - Support Secured Database Connections
+| `POLICY-4314 <https://jira.onap.org/browse/POLICY-4314>`_ - Support for MySql 8.x DB client interfaces
+| `POLICY-3489 <https://jira.onap.org/browse/POLICY-3489>`_ - Add script to load default data into tables using db-migrator
+| `POLICY-3585 <https://jira.onap.org/browse/POLICY-3585>`_ - TOSCA Handling issues
+| `POLICY-4097 <https://jira.onap.org/browse/POLICY-4097>`_ - Validate policy-api redundancy with at least 2 pods using J release
+| `POLICY-4098 <https://jira.onap.org/browse/POLICY-4098>`_ - Validate policy-pap redundancy with at least 2 pods using J release
+| `POLICY-4099 <https://jira.onap.org/browse/POLICY-4099>`_ - Spike to determine the work in apex-pdp for redundancy support
+| `POLICY-4100 <https://jira.onap.org/browse/POLICY-4100>`_ - Spike to determine the work in drools-pdp for redundancy support
+
+| `POLICY-4048 <https://jira.onap.org/browse/POLICY-4048>`_ - R11: Improvements specific to apex-pdp
+| `POLICY-4290 <https://jira.onap.org/browse/POLICY-4290>`_ - Support JSON based event schema in apex-pdp
+| `POLICY-3446 <https://jira.onap.org/browse/POLICY-3446>`_ - Change apex-pdp to use BeanValidator
+| `POLICY-3810 <https://jira.onap.org/browse/POLICY-3810>`_ - Fix sonar issues in apex-pdp
+| `POLICY-4084 <https://jira.onap.org/browse/POLICY-4084>`_ - Apex cli editor should generate policies with metadataSet
+| `POLICY-4285 <https://jira.onap.org/browse/POLICY-4285>`_ - Remove debian packaging from apex-pdp build
+| `POLICY-4324 <https://jira.onap.org/browse/POLICY-4324>`_ - Fix Docker File for Apex MyFirstExample
+| `POLICY-4369 <https://jira.onap.org/browse/POLICY-4369>`_ - Support KafkaAvroDeserializer in KafkaConsumer plugin of apex-pdp
+
+| `POLICY-4049 <https://jira.onap.org/browse/POLICY-4049>`_ - R11: Improvements specific to xacml-pdp
+| `POLICY-3762 <https://jira.onap.org/browse/POLICY-3762>`_ - Expose application level metrics in xacml-pdp
+| `POLICY-4187 <https://jira.onap.org/browse/POLICY-4187>`_ - Support postgresql in Xacml PDP
+| `POLICY-4317 <https://jira.onap.org/browse/POLICY-4317>`_ - PAP, PDP-X: Support DCAE tcagen2 monitoring app changes
+| `POLICY-3495 <https://jira.onap.org/browse/POLICY-3495>`_ - Xacml-pdp should log to stdout
+| `POLICY-4171 <https://jira.onap.org/browse/POLICY-4171>`_ - Update Docker Tag related configurations in XACML Tutorial code
+| `POLICY-4275 <https://jira.onap.org/browse/POLICY-4275>`_ - Upgrade XACML PDP to use XACML 3.1 release
+
+| `POLICY-4050 <https://jira.onap.org/browse/POLICY-4050>`_ - R11: Improvements specific to drools-pdp and drools-applications
+| `POLICY-3960 <https://jira.onap.org/browse/POLICY-3960>`_ - Add/update documents for application metrics support in drools-pdp
+| `POLICY-4177 <https://jira.onap.org/browse/POLICY-4177>`_ - Support secured DB communications for PDP-D Core
+| `POLICY-4197 <https://jira.onap.org/browse/POLICY-4197>`_ - PDP-D: thread dump upon detection of application stuck session
+| `POLICY-4213 <https://jira.onap.org/browse/POLICY-4213>`_ - PDP-D APPS: Jenkins jobs started to fail basic builds
+| `POLICY-4281 <https://jira.onap.org/browse/POLICY-4281>`_ - Upgrade JDBC pooling libraries in drools
+| `POLICY-4335 <https://jira.onap.org/browse/POLICY-4335>`_ - PDP-D: Upgrade to the latest version of drools libraries
+
+| `POLICY-4051 <https://jira.onap.org/browse/POLICY-4051>`_ - R11: Improvements to api, pap and policy handling
+| `POLICY-3887 <https://jira.onap.org/browse/POLICY-3887>`_ - Enhancement in enhanced policy health check
+| `POLICY-2874 <https://jira.onap.org/browse/POLICY-2874>`_ - Investigate Policy-API S3P stability test results
+| `POLICY-4288 <https://jira.onap.org/browse/POLICY-4288>`_ - Check PAP CSIT Undeploy test timeout
+
+| `POLICY-4052 <https://jira.onap.org/browse/POLICY-4052>`_ - R11: Improvements to distribution
+| `POLICY-4110 <https://jira.onap.org/browse/POLICY-4110>`_ - Update configuration changes for distribution of ACM
+| `POLICY-2103 <https://jira.onap.org/browse/POLICY-2103>`_ - policy/distribution may need to re-synch if SDC gets reinstalled
+
+| `POLICY-4053 <https://jira.onap.org/browse/POLICY-4053>`_ - R11: Improvements specific to clamp
+| `POLICY-4078 <https://jira.onap.org/browse/POLICY-4078>`_ - Investigation of DB issue within Policy Clamp runtime
+| `POLICY-4341 <https://jira.onap.org/browse/POLICY-4341>`_ - ACM Runtime pod fails to come-up referencing to wrong filepath
+| `POLICY-4365 <https://jira.onap.org/browse/POLICY-4365>`_ - Increase code coverage in clamp
+| `POLICY-4094 <https://jira.onap.org/browse/POLICY-4094>`_ - Add Edit functionality for instance properties in Policy GUI
+| `POLICY-4105 <https://jira.onap.org/browse/POLICY-4105>`_ - Remove usage of jackson libraries from clamp runtime acm
+| `POLICY-4113 <https://jira.onap.org/browse/POLICY-4113>`_ - Make the permitted helm repository protocol a configurable parameter in k8s participant
+| `POLICY-4224 <https://jira.onap.org/browse/POLICY-4224>`_ - Clean up CLAMP Docker handling
+| `POLICY-4225 <https://jira.onap.org/browse/POLICY-4225>`_ - Fix type version in all tosca_service_template
+| `POLICY-4229 <https://jira.onap.org/browse/POLICY-4229>`_ - Fix type version in all tosca_service_template in parent documetation
+| `POLICY-4237 <https://jira.onap.org/browse/POLICY-4237>`_ - Add override parameters for enabling protocol in k8s-ppnt helm chart
+| `POLICY-4240 <https://jira.onap.org/browse/POLICY-4240>`_ - Update PMSH service template for ACM
+| `POLICY-4286 <https://jira.onap.org/browse/POLICY-4286>`_ - Junk output in the docker build for kubernetes participant
+| `POLICY-4289 <https://jira.onap.org/browse/POLICY-4289>`_ - Refactoring redundant spring libraries defined in clamp pom files
+| `POLICY-4371 <https://jira.onap.org/browse/POLICY-4371>`_ - Remove policy-clamp-be from OOM deployment for Service Mesh
+| `POLICY-4382 <https://jira.onap.org/browse/POLICY-4382>`_ - Update ACM document in ONAP doc for Kohn release
+
+Necessary Improvements and Bug Fixes
+====================================
+
+Necessary Improvements
+~~~~~~~~~~~~~~~~~~~~~~
+| `POLICY-4045 <https://jira.onap.org/browse/POLICY-4045>`_ - R11: Software (non functional) improvements
+| `POLICY-3967 <https://jira.onap.org/browse/POLICY-3967>`_ - Create detailed grafana dashboards for each policy framework component
+| `POLICY-4168 <https://jira.onap.org/browse/POLICY-4168>`_ - Security vulnerability when unzipping csar on distribution
+| `POLICY-4169 <https://jira.onap.org/browse/POLICY-4169>`_ - Ensure all parameters in Helm Charts have default values
+| `POLICY-3860 <https://jira.onap.org/browse/POLICY-3860>`_ - Analyze and improve spring boot dependencies management in PF components
+| `POLICY-4207 <https://jira.onap.org/browse/POLICY-4207>`_ - Remove Jenkins jobs on Guilin branches
+| `POLICY-4228 <https://jira.onap.org/browse/POLICY-4228>`_ - Add Ramesh Murugan Iyer as a committer
+| `POLICY-4230 <https://jira.onap.org/browse/POLICY-4230>`_ - Update Weekly Meetings with status from daily scrums
+| `POLICY-4234 <https://jira.onap.org/browse/POLICY-4234>`_ - Fix CSITs on Honolulu/Istanbul/Jakarta branches
+| `POLICY-4242 <https://jira.onap.org/browse/POLICY-4242>`_ - PACKAGES UPGRADES IN DIRECT DEPENDENCIES FOR KOHN
+| `POLICY-4280 <https://jira.onap.org/browse/POLICY-4280>`_ - Upgrade mariadb driver to latest 2.x version in PDP-D, and APPS
+| `POLICY-4287 <https://jira.onap.org/browse/POLICY-4287>`_ - Update Docker Builds to allow for multiple architecture Docker Fille generation
+| `POLICY-4308 <https://jira.onap.org/browse/POLICY-4308>`_ - Unmaintained Repos
+| `POLICY-4354 <https://jira.onap.org/browse/POLICY-4354>`_ - Update INFO.yaml fine on all repos
+| `POLICY-4393 <https://jira.onap.org/browse/POLICY-4393>`_ - Update dependencies to remove security vulnerabilities
+
+| `POLICY-4046 <https://jira.onap.org/browse/POLICY-4046>`_ - R11: Address technical debt left over from Previous Release
+| `POLICY-4093 <https://jira.onap.org/browse/POLICY-4093>`_ - Update spring vesion in oparent and remove override in policy/parent
+
+Bug Fixes
+~~~~~~~~~
+| `POLICY-4170 <https://jira.onap.org/browse/POLICY-4170>`_ - Fix k8s-ppnt cluster role binding name in OOM
+| `POLICY-4186 <https://jira.onap.org/browse/POLICY-4186>`_ - Wrong versions of policy related jar in policy-xacml-pdp latest image
+| `POLICY-4226 <https://jira.onap.org/browse/POLICY-4226>`_ - policy distribution cannot disable https to SDC
+| `POLICY-4236 <https://jira.onap.org/browse/POLICY-4236>`_ - K8s participant marks the deployment failed if the deployment is initiated with a delay
+| `POLICY-4238 <https://jira.onap.org/browse/POLICY-4238>`_ - CLAMP ACM docker image Java logging does not work
+| `POLICY-4239 <https://jira.onap.org/browse/POLICY-4239>`_ - ACM commissioning fails with 404 error when deployed in CSIT docker
+| `POLICY-4241 <https://jira.onap.org/browse/POLICY-4241>`_ - Participant update list in ACM is not populated with multiple AC elements
+| `POLICY-4268 <https://jira.onap.org/browse/POLICY-4268>`_ - Logging directory mismatch for policy OOM components
+| `POLICY-4269 <https://jira.onap.org/browse/POLICY-4269>`_ - Clamp Backend fails without AAF in Service Mesh
+| `POLICY-4270 <https://jira.onap.org/browse/POLICY-4270>`_ - CSIT fails while executing CLAMP ACM test cases
+| `POLICY-4274 <https://jira.onap.org/browse/POLICY-4274>`_ - XACML-PDP raw decision API serialization is incorrect
+| `POLICY-4326 <https://jira.onap.org/browse/POLICY-4326>`_ - Look into Policy-Distribution grafana chart for negative heap memory
+| `POLICY-4331 <https://jira.onap.org/browse/POLICY-4331>`_ - Policy-GUI Apex Broken Tests
+| `POLICY-4339 <https://jira.onap.org/browse/POLICY-4339>`_ - Clamp build fails in policy participant module while processing policies without topology template
+| `POLICY-4351 <https://jira.onap.org/browse/POLICY-4351>`_ - log of Element container is not visible at Standard Output
+| `POLICY-4352 <https://jira.onap.org/browse/POLICY-4352>`_ - Lob type from jpa entities casting wrongly on postgres
+| `POLICY-4353 <https://jira.onap.org/browse/POLICY-4353>`_ - JSON schema plugin is not working with multiple events mentioned in apex config with | separator
+| `POLICY-4355 <https://jira.onap.org/browse/POLICY-4355>`_ - PodStatus Validator is failing to check if the pod is running in K8sParticipant