In order to provide users with more details of project's state in
terms of security let's divide the security release notes into three
sections:
- Fixed Security Issues
Contains a list of security fixes merged during this
release (especially those reported via OJSI tickets).
- Known Security Issues
Contains a list of vulnerabilities detected in project during
release which have not been fixed yet and thus should be mitigated
by the user.
- Known Vulnerabilities in Used Modules
Contains information about NexusIQ scan results
Issue-ID: SECCOM-238
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I12263a650c5571ba04c0a1f5ae43c16c5fb2e749
N/A
Security Issues
+
+*Fixed Security Issues*
+
+*Known Security Issues*
+
+*Known Vulnerabilities in Used Modules*
+
DMAAP code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been
addressed, items that remain open have been assessed for risk and determined to be false positive. The DMAAP open
Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=42598688>`_.