From: Timoney, Dan (dt5972) Date: Thu, 15 Aug 2019 19:24:44 +0000 (-0400) Subject: Add initial release notes for El Alto early drop X-Git-Tag: 0.6.0~8 X-Git-Url: https://gerrit.onap.org/r/gitweb?p=ccsdk%2Fdistribution.git;a=commitdiff_plain;h=dad42728c966c57212bf506f10bd9812497f8ce8;hp=0f4c96b5b6081efeecc73a748822a765cc38d62b Add initial release notes for El Alto early drop Add initial release notes for El Alto early drop Change-Id: Ia2bcff41ae7a49004c0c3efaa819ed2a4ed93ac3 Issue-ID: CCSDK-1589 Signed-off-by: Timoney, Dan (dt5972) --- diff --git a/docs/release-notes.rst b/docs/release-notes.rst index 93b0b717..c6ef571d 100644 --- a/docs/release-notes.rst +++ b/docs/release-notes.rst @@ -3,6 +3,66 @@ Release Notes ############# +Version 0.5.1 +************* +:Release Date: 2019-08-19 + +El Alto Early Drop release + +**New Features** + +There are no new features in the El Alto early drop release. The focus of this release is on bug +fixes, with a particular emphasis on security fixes. + +**Bug Fixes** +The full list of bug fixes in the El Alto early drop may be found at + +The following table summarizes some of the most significant issues addressed: + ++--------------+----------------------------------------------------+ +| Jira # | Abstract | ++==============+====================================================+ +| [CCSDK-1445] | loading jdbc driver Exception in ccsdk | ++--------------+----------------------------------------------------+ +| [CCSDK-1443] | cds blueprint processor does not start | ++--------------+----------------------------------------------------+ +| [CCSDK-1240] | CVE-20190-3795 : spring-data-core vulnerability | ++--------------+----------------------------------------------------+ +| [CCSDK-1239] | CVE-2019-3797 : spring-data vulnerability | ++--------------+----------------------------------------------------+ +| [CCSDK-1238] | Multiple CVEs - commons-compress | ++--------------+----------------------------------------------------+ +| [CCSDK-1117] | Remove runtime internet dependency for dgbuilder | ++--------------+----------------------------------------------------+ +| [CCSDK-991] | Upgrade to spring-core 2.8.6 or higher | ++--------------+----------------------------------------------------+ +| [CCSDK-988] | Multiple CVEs - spring-expression < 4.3.17.RELEASE | ++--------------+----------------------------------------------------+ +| [CCSDK-441] | Spring 3 vulnerability CVE-2018-1270 | ++--------------+----------------------------------------------------+ +**Known Issues** + +The full list of known issues in CCSDK may be found in the ONAP Jira at + +**Security Notes** + +*Fixed Security Issues* + +*Known Security Issues* + + * In default deployment CCSDK (netbox-nginx) exposes HTTP port 30420 outside of cluster. [`OJSI-160 `_] + * In default deployment CCSDK (cds-ui) exposes HTTP port 30497 outside of cluster. [`OJSI-196 `_] + * In default deployment CCSDK (cds-blueprints-processor-http) exposes HTTP port 30499 outside of cluster. [`OJSI-197 `_] + +*Known Vulnerabilities in Used Modules* + +Quick Links: + - `CCSDK project page `_ + + - `Passing Badge information for CCSDK `_ + + - `Project Vulnerability Review Table for CCSDK `_ + Version 0.4.4/0.4.5 ******************* :Release Date: 2019-06-13 @@ -12,7 +72,7 @@ Note: The Dublin version for most CCSDK repositories is 0.4.4, except for CDS wh **New Features** -The full list of Dublin epics and user stories for CCSDK maybe be found at . +The full list of Dublin epics and user stories for CCSDK may be found at . The following list summarizes some of the most significant epics: