From: Krzysztof Opasiak <k.opasiak@samsung.com>
Date: Thu, 30 May 2019 15:40:07 +0000 (+0200)
Subject: Document OJSI-28 vulnerability
X-Git-Tag: 5.0.1-ONAP~20
X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=refs%2Fchanges%2F25%2F88925%2F2;p=dcaegen2.git

Document OJSI-28 vulnerability

Issue-ID: OJSI-28
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I0d1a1ca7975349f129db021883ea4ac726d2bf6f
---

diff --git a/docs/sections/release-notes.rst b/docs/sections/release-notes.rst
index 936470d0..0c6d86d5 100644
--- a/docs/sections/release-notes.rst
+++ b/docs/sections/release-notes.rst
@@ -105,6 +105,7 @@ Source code of DCAE components are released under the following repositories on
 
 *Known Security Issues*
 
+    * Unsecured Swagger UI Interface in xdcae-datafile-collector. [`OJSI-28 <https://jira.onap.org/browse/OJSI-28>`_]
     * In default deployment DCAEGEN2 (xdcae-datafile-collector) exposes HTTP port 30223 outside of cluster. [`OJSI-109 <https://jira.onap.org/browse/OJSI-109>`_]
     * In default deployment DCAEGEN2 (xdcae-ves-collector) exposes HTTP port 30235 outside of cluster. [`OJSI-116 <https://jira.onap.org/browse/OJSI-116>`_]
     * In default deployment DCAEGEN2 (dcae-datafile-collector) exposes HTTP port 30262 outside of cluster. [`OJSI-131 <https://jira.onap.org/browse/OJSI-131>`_]