Merge "Document fixed OJSI-157 vulnerability"

[policy/engine.git] / docs / release-notes.rst

diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index 8fa1911..bee82b2 100644 (file)
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -130,6 +130,9 @@ The following bug fixes have been deployed with this release:
 
 *Fixed Security Issues*
 
+    * `[OJSI-117] <https://jira.onap.org/browse/OJSI-117>`_ - In default deployment POLICY (nexus) exposes HTTP port 30236 outside of cluster.
+    * `[OJSI-157] <https://jira.onap.org/browse/OJSI-157>`_ - In default deployment POLICY (policy-api) exposes HTTP port 30240 outside of cluster.
+
 *Known Security Issues*
 
 *Known Vulnerabilities in Used Modules*
@@ -149,6 +152,7 @@ The following known issues will be addressed in a future release:
     * `[POLICY-1291] - <https://jira.onap.org/browse/POLICY-1291>`_ Maven Error when building Apex documentation in Windows
     * `[POLICY-1650] - <https://jira.onap.org/browse/POLICY-1650>`_ Policy UI doesn't show left menu or any content
     * `[POLICY-1725] - <https://jira.onap.org/browse/POLICY-1725>`_ XACML PDP returns 500 vs 400 for bad syntax JSON
+    * `[POLICY-1795] - <https://jira.onap.org/browse/POLICY-1795>`_ PAP: bounced apex and xacml pdps show deleted instance in pdp status through APIs.