Merge "Document OJSI-202 (CVE-2019-12127) vulnerability"

author Sylvain Desbureaux <sylvain.desbureaux@orange.com>

Thu, 4 Jul 2019 11:15:47 +0000 (11:15 +0000)

committer Gerrit Code Review <gerrit@onap.org>

Thu, 4 Jul 2019 11:15:47 +0000 (11:15 +0000)
author Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Thu, 4 Jul 2019 11:15:47 +0000 (11:15 +0000)
committer Gerrit Code Review <gerrit@onap.org>
Thu, 4 Jul 2019 11:15:47 +0000 (11:15 +0000)
diff --git a/docs/release-notes.rst b/docs/release-notes.rst

index 37d8b3f..dc10400 100644 (file)
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -55,6 +55,7 @@ Summary
  
  * In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 <https://jira.onap.org/browse/OJSI-134>`_]
  * Hard coded password used for all oom deployments [`OJSI-188 <https://jira.onap.org/browse/OJSI-188>`_]
+* CVE-2019-12127 - OOM exposes unprotected API/UI on port 30270 [`OJSI-202 <https://jira.onap.org/browse/OJSI-202>`_]
  
  *Known Vulnerabilities in Used Modules*
author	Sylvain Desbureaux <sylvain.desbureaux@orange.com>
	Thu, 4 Jul 2019 11:15:47 +0000 (11:15 +0000)
committer	Gerrit Code Review <gerrit@onap.org>
	Thu, 4 Jul 2019 11:15:47 +0000 (11:15 +0000)