From: Krzysztof Opasiak Date: Thu, 6 Jun 2019 00:19:55 +0000 (+0200) Subject: Improve security release notes X-Git-Tag: 1.4.1~29 X-Git-Url: https://gerrit.onap.org/r/gitweb?p=multicloud%2Fframework.git;a=commitdiff_plain;h=3f04bbfa0d77893924fad68bc4d42d9b985195bd Improve security release notes In order to provide users with more details of project's state in terms of security let's divide the security release notes into three sections: - Fixed Security Issues Contains a list of security fixes merged during this release (especially those reported via OJSI tickets). - Known Security Issues Contains a list of vulnerabilities detected in project during release which have not been fixed yet and thus should be mitigated by the user. - Known Vulnerabilities in Used Modules Contains information about NexusIQ scan results Issue-ID: SECCOM-238 Signed-off-by: Krzysztof Opasiak Change-Id: I1949a66f894ab3765228d0d210812c875fd59bce --- diff --git a/docs/Release Notes.rst b/docs/Release Notes.rst index b32e1fa..ccfec75 100644 --- a/docs/Release Notes.rst +++ b/docs/Release Notes.rst @@ -387,6 +387,12 @@ None **Security Notes** +*Fixed Security Issues* + +*Known Security Issues* + +*Known Vulnerabilities in Used Modules* + MULTICLOUD code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive.