Code Review / aaf / sms.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Document fixed OJSI-206 vulnerability
[aaf/sms.git] / docs / release_notes.rst
diff --git a/docs/release_notes.rst b/docs/release_notes.rst
index 9da9d93..fb0ff46 100644 (file)
--- a/docs/release_notes.rst
+++ b/docs/release_notes.rst
@@ -3,7 +3,37 @@
 .. Copyright (c) 2018 Intel Corp, Inc.
 
 Release Notes
-=============
+-------------
+
+Version: 4.0.0
+--------------
+
+:Release Date: 2019-05-31
+
+**New Features**
+
+The Dublin Release does not have any major updates to the Secret Management Service
+
+**Bug Fixes**
+
+       - No new fixes were implemented for this release
+
+**Security Notes**
+
+*Fixed Security Issues*
+
+       - In default deployment AAF SMS (aaf-sms-db) exposes HTTP port 30244 outside of cluster. [`OJSI-121 <https://jira.onap.org/browse/OJSI-121>`_]
+       - Secret Management Service allows to access all stored data. [`OJSI-206 <https://jira.onap.org/browse/OJSI-206>`_]
+
+*Known Security Issues*
+
+*Known Vulnerabilities in Used Modules*
+
+**Upgrade Notes**
+
+    Use the 4.0.0 image for SMS
+
+===========
 
 Version: 2.0.0
 --------------
Secret Management Service that will contain the webservice as well as client code for managing and accessing secrets.