.. * This note must be removed after content has been added.
-Version: 1.5.2
+Version: 1.5.3
--------------
-:Release Date: 2019-6-6
+:Release Date: 2019-6-19
**New Features**
**Bug Fixes**
+ - `APPC-1242 <https://jira.onap.org/browse/APPC-1242>`_ - vFWCL ModifyConfig only works on one node in an APPC cluster.
- `APPC-1263 <https://jira.onap.org/browse/APPC-1263>`_ - Two methods of Artifact Transformer in appc-config-params will always return null.
- `APPC-1264 <https://jira.onap.org/browse/APPC-1264>`_ - Errors in unit tests in config-generator package.
- `APPC-1270 <https://jira.onap.org/browse/APPC-1270>`_ - Unit tests in ccadaptor code not testing correctly.
**Known Issues**
- `APPC-1613 <https://jira.onap.org/browse/APPC-1613>`_ - Exception for LCM request with parameter read from A&AI.
+ - to work around this is to switch to the fixed parameter in the template or passed as configuration parameter in stead of using A&AI that APPC received the value from the request.
**Security Notes**
*Fixed Security Issues*
- `OJSI-146 <https://jira.onap.org/browse/OJSI-146>`_ - In default deployment APPC (appc-cdt) exposes HTTP port 30289 outside of cluster.
+ - `OJSI-104 <https://jira.onap.org/browse/OJSI-104>`_ - In default deployment APPC (appc) exposes HTTP port 30211 outside of cluster.
*Known Security Issues*
+ - CVE-2019-12316 `OJSI-25 <https://jira.onap.org/browse/OJSI-25>`_ - SQL Injection in APPC
+ - `OJSI-29 <https://jira.onap.org/browse/OJSI-29>`_ - Unsecured Swagger UI Interface in AAPC
+ - CVE-2019-12124 `OJSI-63 <https://jira.onap.org/browse/OJSI-63>`_ - APPC exposes Jolokia Interface which allows to read and overwrite any arbitrary file
+ - `OJSI-95 <https://jira.onap.org/browse/OJSI-95>`_ - appc-cdt allows to impersonate any user by setting USER_ID
+ - `OJSI-112 <https://jira.onap.org/browse/OJSI-112>`_ - In default deployment APPC (appc-dgbuilder) exposes HTTP port 30228 outside of cluster.
+ - `OJSI-113 <https://jira.onap.org/browse/OJSI-113>`_ - In default deployment APPC (appc) exposes HTTP port 30230 outside of cluster.
+ - `OJSI-185 <https://jira.onap.org/browse/OJSI-185>`_ - appc exposes ssh service on port 30231
+
*Known Vulnerabilities in Used Modules*
Quick Links: