.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. http://creativecommons.org/licenses/by/4.0
+.. _release_notes:
+.. ===========================
+.. * * * FRANKFURT * * *
+.. ===========================
Release Notes
=============
-Version: 1.1.14 (Dublin)
+Abstract
+--------
+
+This document provides the DMaaP Message Router release notes for the Frankfurt release.
+
+Summary
+-------
+
+
+Release Data
+------------
+
++--------------------------------------+--------------------------------------+
+| **DMaaP Message Router Project** | |
+| | |
++--------------------------------------+--------------------------------------+
+| **Docker images** | - onap/dmaap/dmaap-mr:1.1.18 |
+| | - onap/dmaap/kafka111:1.0.4 |
+| | - onap/dmaap/zookeeper:6.0.3 |
+| | |
++--------------------------------------+--------------------------------------+
+| **Release designation** | 6.0.0 frankfurt |
+| | |
++--------------------------------------+--------------------------------------+
+| **Release date** | 2020-06-04 |
+| | |
++--------------------------------------+--------------------------------------+
+
+
+New features
+------------
+* Kafka and Zookeeper images are created using confluent community edition 5.3.0
+* Prometheus monitoring
+* Protected all the Kafka operations using AAF
+* Remove the AAF dependency by toggling a flag
+
+
+Known Limitations, Issues and Workarounds
+-----------------------------------------
+
+System Limitations
+------------------
+
+
+Known Vulnerabilities
+---------------------
+* CVE-2016-1000027
+* CVE-2018-11307
+* CVE-2019-13990
+* SONATYPE-2018-0624
+* CVE-2018-12022
+* SONATYPE-2019-0414
+* SONATYPE-2019-0808
+* CVE-2019-10241
+* CVE-2019-12406
+* CVE-2020-5408
+* CVE-2019-10246
+* CVE-2019-10247
+* CVE-2020-5397
+* SONATYPE-2012-0050
+* SONATYPE-2017-0507
+* SONATYPE-2019-0469
+* CVE-2018-12023
+* SONATYPE-2018-0624
+* CVE-2019-20444
+* CVE-2019-20445
+* CVE-2019-16869
+* SONATYPE-2020-0029
+* SONATYPE-2020-0103
+* CVE-2019-17571
+* CVE-2020-5398
+* CVE-2018-17196
+
+
+Workarounds
+-----------
+
+
+Security Notes
--------------
+
+References
+----------
+
+For more information on the ONAP Frankfurt release, please see:
+
+#. `ONAP Home Page`_
+#. `ONAP Documentation`_
+#. `ONAP Release Downloads`_
+#. `ONAP Wiki Page`_
+
+
+.. _`ONAP Home Page`: https://www.onap.org
+.. _`ONAP Wiki Page`: https://wiki.onap.org
+.. _`ONAP Documentation`: https://docs.onap.org
+.. _`ONAP Release Downloads`: https://git.onap.org
+
+Quick Links:
+- `DMAAP project page <https://wiki.onap.org/display/DW/DMaaP+Planning>`_
+- `Passing Badge information for DMAAP <https://bestpractices.coreinfrastructure.org/en/projects/1751>`_
+
+
+Version: 1.1.16 (ElAlto)
+------------------------
+
+:Release Date: 2019-10-10
+
+**New Features**
+
+- Cert based authentication support in Message Router
+- Improved Kafka and Zookeeper cluster lookup
+- Pluggable Kafka server.properties,log4j.properties and Message Router logback.xml
+
+
+**Bug Fixes**
+
+- Fixed for security vulnerabilities in Message Router
+- Fixed authorization issues in Message Router
+
+**Known Issues**
+ NA
+
+**Security Notes**
+
+DMAAP code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The DMAAP open Critical security vulnerabilities and their risk assessment have been documented as part of the `Dublin <https://wiki.onap.org/pages/viewpage.action?pageId=64003715>`_.
+
+Quick Links:
+
+- `DMAAP project page <https://wiki.onap.org/display/DW/DMaaP+Planning>`_
+- `Passing Badge information for DMAAP <https://bestpractices.coreinfrastructure.org/en/projects/1751>`_
+- `Dublin Project Vulnerability Review Table for DMAAP <https://wiki.onap.org/pages/viewpage.action?pageId=64003715>`_
+
+**Upgrade Notes**
+ NA
+
+**Deprecation Notes**
+
+Version: 1.1.14 (Dublin)
+------------------------
+
:Release Date: 2019-06-06
**New Features**
**Security Notes**
-DMAAP code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The DMAAP open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=64003715>`_.
+DMAAP code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The DMAAP open Critical security vulnerabilities and their risk assessment have been documented as part of the `Dublin <https://wiki.onap.org/pages/viewpage.action?pageId=64003715>`_.
Quick Links:
- `DMAAP project page <https://wiki.onap.org/display/DW/DMaaP+Planning>`_
- `Passing Badge information for DMAAP <https://bestpractices.coreinfrastructure.org/en/projects/1751>`_
-- `Project Vulnerability Review Table for DMAAP <https://wiki.onap.org/pages/viewpage.action?pageId=64003715>`_
+- `Dublin Project Vulnerability Review Table for DMAAP <https://wiki.onap.org/pages/viewpage.action?pageId=64003715>`_
**Upgrade Notes**
NA
**Deprecation Notes**
-Version: 1.1.8
---------------
+Version: 1.1.8 (Casablanca)
+---------------------------
:Release Date: 2018-11-30
**Bug Fixes**
NA
+
**Known Issues**
If the ZooKeeper is restarted, Message Router works as expected only after restarting the Message Router . Refer `Jira <https://jira.onap.org/browse/DMAAP-893>`_ for more details
**Security Notes**
-DMAAP code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The DMAAP open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=42598688>`_.
+DMAAP code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The DMAAP open Critical security vulnerabilities and their risk assessment have been documented as part of the `Casablanca <https://wiki.onap.org/pages/viewpage.action?pageId=42598688>`_.
Quick Links:
- `DMAAP project page <https://wiki.onap.org/display/DW/DMaaP+Planning>`_
- `Passing Badge information for DMAAP <https://bestpractices.coreinfrastructure.org/en/projects/1751>`_
-- `Project Vulnerability Review Table for DMAAP <https://wiki.onap.org/pages/viewpage.action?pageId=42598688>`_
+- `Casablanca Project Vulnerability Review Table for DMAAP <https://wiki.onap.org/pages/viewpage.action?pageId=42598688>`_
**Upgrade Notes**
NA
Code Review / dmaap / messagerouter / messageservice.git / blobdiff