From: Krzysztof Opasiak <k.opasiak@samsung.com>
Date: Tue, 4 Jun 2019 23:38:31 +0000 (+0200)
Subject: Document OJSI-158 vulnerability
X-Git-Tag: 2.1.3~20^2
X-Git-Url: https://gerrit.onap.org/r/gitweb?p=dmaap%2Fdatarouter.git;a=commitdiff_plain;h=398d0fe04789e3a108b0601c972022e1270bade6

Document OJSI-158 vulnerability

Issue-ID: OJSI-158
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Id40d25d3f7cc6abfc0d2a7e3654a5fd813ad797c
---

diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index 334daaa7..4f2ddb6f 100644
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -52,6 +52,8 @@ Security Issues
 
 *Known Security Issues*
 
+- In default deployment DMAAP (dmaap-dr-prov) exposes HTTP port 30259 outside of cluster. [`OJSI-158 <https://jira.onap.org/browse/OJSI-158>`_]
+
 *Known Vulnerabilities in Used Modules*
 
 DMAAP code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been