Code Review / appc.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Document OJSI-29 vulnerability
[appc.git] / docs / release-notes.rst
diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index 86754a3..a6aad66 100644 (file)
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -111,9 +111,13 @@ The Dublin release added the following functionality:
 *Fixed Security Issues*
 
       - `OJSI-146 <https://jira.onap.org/browse/OJSI-146>`_ - In default deployment APPC (appc-cdt) exposes HTTP port 30289 outside of cluster.
+      - `OJSI-104 <https://jira.onap.org/browse/OJSI-104>`_ - In default deployment APPC (appc) exposes HTTP port 30211 outside of cluster.
 
 *Known Security Issues*
 
+      - CVE-2019-12316 `OJSI-25 <https://jira.onap.org/browse/OJSI-25>`_ - SQL Injection in APPC
+      - `OJSI-29 <https://jira.onap.org/browse/OJSI-29>`_ - Unsecured Swagger UI Interface in AAPC
+
 *Known Vulnerabilities in Used Modules*
 
 Quick Links:
ARCHIVED- 2022-02-15 at the request of the project