From: Krzysztof Opasiak <k.opasiak@samsung.com>
Date: Wed, 5 Jun 2019 21:57:13 +0000 (+0200)
Subject: Document OJSI-137 vulnerability
X-Git-Tag: 1.3.2~4
X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=refs%2Fchanges%2F42%2F89442%2F1;p=optf%2Fhas.git

Document OJSI-137 vulnerability

Issue-ID: OJSI-137
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I2b27d485e98d5e58f737fe19d4c4d95433dbea28
---

diff --git a/docs/sections/release-notes.rst b/docs/sections/release-notes.rst
index 8e9b99a..10062de 100644
--- a/docs/sections/release-notes.rst
+++ b/docs/sections/release-notes.rst
@@ -58,6 +58,8 @@ These are all issues with fix version: Dublin Release and status: open, in-progr
 
 *Known Security Issues*
 
+    * [`OJSI-137 <https://jira.onap.org/browse/OJSI-137>`_] In default deployment OPTFRA (oof-has-api) exposes HTTP port 30275 outside of cluster.
+
 *Known Vulnerabilities in Used Modules*
 
 OPTFRA code has been formally scanned during build time using NexusIQ and no Critical vulnerability was found. `project <https://wiki.onap.org/pages/viewpage.action?pageId=64005463>`_.