From: Krzysztof Opasiak <k.opasiak@samsung.com>
Date: Wed, 5 Jun 2019 21:44:18 +0000 (+0200)
Subject: Document OJSI-134 vulnerability
X-Git-Tag: 4.0.0-ONAP~17^2
X-Git-Url: https://gerrit.onap.org/r/gitweb?p=oom.git;a=commitdiff_plain;h=db952f6a0a8099b26f216b980192a0d06dfc5c23

Document OJSI-134 vulnerability

Issue-ID: OJSI-134
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ic48733b90bc80836fadb78c085b378180c5cb1c3
---

diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index 0261b2a442..339925ad5f 100644
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -53,6 +53,8 @@ Summary
 
 *Known Security Issues*
 
+* In default deployment OOM (consul-server-ui) exposes HTTP port 30270 outside of cluster. [`OJSI-134 <https://jira.onap.org/browse/OJSI-134>`_]
+
 *Known Vulnerabilities in Used Modules*
 
 OOM code has been formally scanned during build time using NexusIQ and no