Document OJSI-109 vulnerability

author Krzysztof Opasiak <k.opasiak@samsung.com>

Mon, 27 May 2019 16:06:32 +0000 (18:06 +0200)

committer Krzysztof Opasiak <k.opasiak@samsung.com>

Thu, 30 May 2019 15:47:03 +0000 (17:47 +0200)
author Krzysztof Opasiak <k.opasiak@samsung.com>
Mon, 27 May 2019 16:06:32 +0000 (18:06 +0200)
committer Krzysztof Opasiak <k.opasiak@samsung.com>
Thu, 30 May 2019 15:47:03 +0000 (17:47 +0200)
diff --git a/docs/sections/release-notes.rst b/docs/sections/release-notes.rst

index e43b1c5..d689ca2 100644 (file)
--- a/docs/sections/release-notes.rst
+++ b/docs/sections/release-notes.rst
@@ -105,6 +105,8 @@ Source code of DCAE components are released under the following repositories on
  
  *Known Security Issues*
  
+    * In default deployment DCAEGEN2 (xdcae-datafile-collector) exposes HTTP port 30223 outside of cluster. [`OJSI-109 <https://jira.onap.org/browse/OJSI-109>`_]
+
  *Known Vulnerabilities in Used Modules*
  
  DCAE code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The DCAE open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=51282478>`_.
author	Krzysztof Opasiak <k.opasiak@samsung.com>
	Mon, 27 May 2019 16:06:32 +0000 (18:06 +0200)
committer	Krzysztof Opasiak <k.opasiak@samsung.com>
	Thu, 30 May 2019 15:47:03 +0000 (17:47 +0200)