From: Krzysztof Opasiak <k.opasiak@samsung.com>
Date: Sat, 5 Oct 2019 21:19:42 +0000 (+0200)
Subject: Use OJSI identifier to document fixed vulnerability
X-Git-Tag: 2.0.0~18
X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=79bef7f1ca027a1aad11ebdbf8975a216d817b97;hp=602f77bf2e45936b0cd974788d2b58a5f5e2e397;p=optf%2Fhas.git

Use OJSI identifier to document fixed vulnerability

It's better to stick to the convention that OJSI ticket should be
mentioned in Fixed Security Issues section to ensure full traceability.

Issue-ID: OJSI-137
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I3549e3853b5acd69df00500106ca35dc4002fe10
---

diff --git a/docs/sections/release-notes.rst b/docs/sections/release-notes.rst
index 932b6df..b4b1fba 100644
--- a/docs/sections/release-notes.rst
+++ b/docs/sections/release-notes.rst
@@ -43,7 +43,8 @@ The El Alto release for OOF fixed the following Bugs.
 
 *Fixed Security Issues*
 
-    * [OPTFRA-521] oof-has-api exposes plain text HTTP endpoint using port 30275
+    * [`OJSI-137 <https://jira.onap.org/browse/OJSI-137>`_] In default deployment OPTFRA (oof-has-api) exposes HTTP port 30275 outside of cluster.
+      This issue has been also described in "[OPTFRA-521] oof-has-api exposes plain text HTTP endpoint using port 30275"
 
 *Known Security Issues*