From: Krzysztof Opasiak <k.opasiak@samsung.com>
Date: Wed, 5 Jun 2019 22:00:46 +0000 (+0200)
Subject: Document OJSI-122 vulnerability
X-Git-Tag: 1.3.3~2
X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=e4849d9e08f994766856d16160ffbd011dd1b109;p=optf%2Fosdf.git

Document OJSI-122 vulnerability

Issue-ID: OJSI-122
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I41342d29427ab1d8d7de345bad79454f4dd74bf3
---

diff --git a/docs/sections/release-notes.rst b/docs/sections/release-notes.rst
index 22c6b4b..4c4bd9c 100644
--- a/docs/sections/release-notes.rst
+++ b/docs/sections/release-notes.rst
@@ -46,6 +46,8 @@ The Dublin release for OOF delivered the following Epics.
 
 *Known Security Issues*
 
+    * [`OJSI-122 <https://jira.onap.org/browse/OJSI-122>`_] In default deployment OPTFRA (oof-osdf) exposes HTTP port 30248 outside of cluster.
+
 *Known Vulnerabilities in Used Modules*
 
 OPTFRA osdf code has been formally scanned during build time using NexusIQ and no Critical vulnerability was found.