From: Krzysztof Opasiak <k.opasiak@samsung.com>
Date: Wed, 5 Jun 2019 00:09:21 +0000 (+0200)
Subject: Document OJSI-79 (CVE-2019-12118) vulnerability
X-Git-Tag: 1.6.1~329
X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=refs%2Fchanges%2F10%2F89310%2F1;p=sdc.git

Document OJSI-79 (CVE-2019-12118) vulnerability

Issue-ID: OJSI-79
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I077e40fb42b915fffbd8bd1779ef02fd60c2758c
---

diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index c03516aadb..9d6e725a2b 100644
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -105,6 +105,7 @@ Security Notes
 -  CVE-2019-12115 [`OJSI-76 <https://jira.onap.org/browse/OJSI-76>`__\ ] - demo-sdc-sdc-be exposes JDWP on port 4000 which allows for arbitrary code execution
 -  CVE-2019-12116 [`OJSI-77 <https://jira.onap.org/browse/OJSI-77>`__\ ] - demo-sdc-sdc-fe exposes JDWP on port 6000 which allows for arbitrary code execution
 -  CVE-2019-12117 [`OJSI-78 <https://jira.onap.org/browse/OJSI-78>`__\ ] - demo-sdc-sdc-onboarding-be exposes JDWP on port 4001 which allows for arbitrary code execution
+-  CVE-2019-12118 [`OJSI-79 <https://jira.onap.org/browse/OJSI-79>`__\ ] - demo-sdc-sdc-wfd-be exposes JDWP on port 7001 which allows for arbitrary code execution
 
 *Known Vulnerabilities in Used Modules*