X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=docs%2Frelease-notes.rst;h=1475975b128eca2944305e53de6bdf21d32eab38;hb=4aa20bc42b7bd98dde15f7594084669eb92412c2;hp=11fc340161c4352c9751401d260187b83c3e5745;hpb=267816c75201830632b476f93992826e19fac5e1;p=sdc.git diff --git a/docs/release-notes.rst b/docs/release-notes.rst index 11fc340161..1475975b12 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -4,6 +4,139 @@ Release Notes ============= + +Version: 1.5.2 +============== + +:Release Date: 2019-10-10 + +SDC SDKs Versions +----------------- + +- sdc-distribution-client + + :Version: 1.4.0 + +- sdc-tosca + + :Version: 1.6.2 + +Release Purpose +---------------- + + +**Epics** + +- [`SDC-1425`_] - SDC documentation improvement +- [`SDC-2461`_] - El Alto release planning milestone +- [`SDC-2487`_] - Functionality and API Freeze +- [`SDC-2523`_] - Code Freeze +- [`SDC-2566`_] - Release Candidate 0 Integration and Test + +.. _SDC-1425: https://jira.onap.org/browse/SDC-1425 +.. _SDC-2461: https://jira.onap.org/browse/SDC-2461 +.. _SDC-2487: https://jira.onap.org/browse/SDC-2487 +.. _SDC-2523: https://jira.onap.org/browse/SDC-2523 +.. _SDC-2566: https://jira.onap.org/browse/SDC-2566 + +**Stories** + +- [`SDC-1894`_] - Enable Certificate for SDC +- [`SDC-1961`_] - Purge APIs for Service and Resource +- [`SDC-2072`_] - Create VSP from VNF csar +- [`SDC-2101`_] - RestConf - Policy model support +- [`SDC-2102`_] - DFC - Policy model support +- [`SDC-2104`_] - PM-Mapper Policy Model support +- [`SDC-2142`_] - Enhance Service/VF/PNF to support Req & Cap +- [`SDC-2166`_] - Enable transport level encryption on all interfaces + and the option to turn it off +- [`SDC-2294`_] - Support Capability Properties +- [`SDC-2296`_] - Upgrade SDC from Titan to Janus Graph +- [`SDC-2313`_] - Fix Service Proxy Node Type +- [`SDC-2359`_] - Fix Service Proxy Node Template +- [`SDC-2397`_] - SDC Constructor injection - better practice +- [`SDC-2416`_] - Embed AAF generated certificate in SDC +- [`SDC-2419`_] - Migrate all SDC projects to O-Parent +- [`SDC-2475`_] - Package Handling - Validate PM Dictionary and VES + Events YAML Files in SOL004 package +- [`SDC-2478`_] - Update SDC versions +- [`SDC-2509`_] - Descriptor Handling - Model-driven mapping from + SOL001 to internal model +- [`SDC-2510`_] - Package Handling - Store the original onboarded + package, whether it's a CSAR or a ZIP +- [`SDC-2540`_] - Package Handling - Fix artifacts references in main + TOSCA descriptor while converting packages +- [`SDC-2560`_] - Update SDC versions + +.. _SDC-1894: https://jira.onap.org/browse/SDC-1894 +.. _SDC-1961: https://jira.onap.org/browse/SDC-1961 +.. _SDC-2072: https://jira.onap.org/browse/SDC-2072 +.. _SDC-2101: https://jira.onap.org/browse/SDC-2101 +.. _SDC-2102: https://jira.onap.org/browse/SDC-2102 +.. _SDC-2104: https://jira.onap.org/browse/SDC-2104 +.. _SDC-2142: https://jira.onap.org/browse/SDC-2142 +.. _SDC-2166: https://jira.onap.org/browse/SDC-2166 +.. _SDC-2294: https://jira.onap.org/browse/SDC-2294 +.. _SDC-2296: https://jira.onap.org/browse/SDC-2296 +.. _SDC-2313: https://jira.onap.org/browse/SDC-2313 +.. _SDC-2359: https://jira.onap.org/browse/SDC-2359 +.. _SDC-2397: https://jira.onap.org/browse/SDC-2397 +.. _SDC-2416: https://jira.onap.org/browse/SDC-2416 +.. _SDC-2419: https://jira.onap.org/browse/SDC-2419 +.. _SDC-2475: https://jira.onap.org/browse/SDC-2475 +.. _SDC-2478: https://jira.onap.org/browse/SDC-2478 +.. _SDC-2509: https://jira.onap.org/browse/SDC-2509 +.. _SDC-2510: https://jira.onap.org/browse/SDC-2510 +.. _SDC-2540: https://jira.onap.org/browse/SDC-2540 +.. _SDC-2560: https://jira.onap.org/browse/SDC-2560 + + +Security Notes +-------------- + +*Fixed Security Issues* + +- [`OJSI-31 `__\ ] - Unsecured Swagger UI Interface in sdc-wfd-be +- CVE-2019-12115 [`OJSI-76 `__\ ] - demo-sdc-sdc-be exposes JDWP on port 4000 which allows for arbitrary code execution +- CVE-2019-12116 [`OJSI-77 `__\ ] - demo-sdc-sdc-fe exposes JDWP on port 6000 which allows for arbitrary code execution +- CVE-2019-12117 [`OJSI-78 `__\ ] - demo-sdc-sdc-onboarding-be exposes JDWP on port 4001 which allows for arbitrary code execution +- CVE-2019-12118 [`OJSI-79 `__\ ] - demo-sdc-sdc-wfd-be exposes JDWP on port 7001 which allows for arbitrary code execution +- CVE-2019-12119 [`OJSI-80 `__\ ] - demo-sdc-sdc-wfd-fe exposes JDWP on port 7000 which allows for arbitrary code execution + +*Known Security Issues* + +- [`OJSI-90 `__\ ] - SDC exposes unprotected API for user creation +- [`OJSI-94 `__\ ] - sdc-wfd-fe allows to impersonate any user by setting USER_ID +- [`OJSI-126 `__\ ] - In default deployment SDC (sdc-wfd-fe) exposes HTTP port 30256 outside of cluster. +- [`OJSI-127 `__\ ] - In default deployment SDC (sdc-wfd-be) exposes HTTP port 30257 outside of cluster. + + +*Known Vulnerabilities in Used Modules* + +Quick Links: + +- `SDC project page `__ +- `Passing Badge information for SDC `__ + +**Known Issues** + +- [`SDC-2541 `__\ ] - Custom WF not present in the CSAR package + +**Upgrade Notes** + + N/A + +**Deprecation Notes** + + N/A + +**Other** + + N/A + + + + Version: 1.4.1 ============== @@ -95,9 +228,9 @@ The main goal of the Dublin release was to: **Known Issues** -- [`SDC-1937 `__\ ] - Service dependency - Can't select sibling property when sibling node is not service proxy -- [`SDC-1956 `__\ ] - SDC appears to lose connectivity to Cassandra and Titan intermittently -- [`SDC-1970 `__\ ] - SDC fails to deploy in Windriver lab +- [`SDC-2336 `__\ ] - Service dependency - Can't select sibling property when sibling node is not service proxy +- [`SDC-2374 `__\ ] - SDC appears to lose connectivity to Cassandra and Titan intermittently +- [`SDC-2371 `__\ ] - SDC fails to deploy in Windriver lab Security Notes --------------