Add El Alto release notes

Issue-ID: OOM-2103
Signed-off-by: Mike Elliott <mike.elliott@amdocs.com>
Change-Id: I9a378602c8d73df4df2fef4fcf52b88fa5000eb6

diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index 01e3524..259f637 100644 (file)
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -10,6 +10,46 @@
 ONAP Operations Manager Release Notes
 =====================================
 
+Version 5.0.1 (El Alto Release)
+----------------------------------
+
+:Release Date: 2019-10-10
+
+Summary
+-------
+
+The focus of this release was on maintanence and as such no new features were delivered.
+A list of issues resolved in this release can be found here: https://jira.onap.org/projects/OOM/versions/10726
+
+**New Features**
+
+**Bug Fixes**
+
+* 25 defects addressed (see link above)
+
+**Security Notes**
+
+*Fixed Security Issues*
+
+*Known Security Issues*
+
+* In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 <https://jira.onap.org/browse/OJSI-134>`_]
+* Hard coded password used for all oom deployments [`OJSI-188 <https://jira.onap.org/browse/OJSI-188>`_]
+* CVE-2019-12127 - OOM exposes unprotected API/UI on port 30270 [`OJSI-202 <https://jira.onap.org/browse/OJSI-202>`_]
+
+*Known Vulnerabilities in Used Modules*
+
+OOM code has been formally scanned during build time using NexusIQ and no
+Critical vulnerability was found.
+
+Quick Links:
+
+  - `OOM project page <https://wiki.onap.org/display/DW/ONAP+Operations+Manager+Project>`_
+
+  - `Passing Badge information for OOM <https://bestpractices.coreinfrastructure.org/en/projects/1631>`_
+
+
+
 Version 5.0.0 (El Alto Early Drop)
 ----------------------------------