Document fixed OJSI tickets

author Krzysztof Opasiak <k.opasiak@samsung.com>

Sat, 5 Oct 2019 21:52:06 +0000 (23:52 +0200)

committer Manoop Talasila <talasila@research.att.com>

Wed, 9 Oct 2019 15:27:54 +0000 (15:27 +0000)
author Krzysztof Opasiak <k.opasiak@samsung.com>
Sat, 5 Oct 2019 21:52:06 +0000 (23:52 +0200)
committer Manoop Talasila <talasila@research.att.com>
Wed, 9 Oct 2019 15:27:54 +0000 (15:27 +0000)
diff --git a/docs/release-notes.rst b/docs/release-notes.rst

index 7236d84..79b2b18 100644 (file)
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -34,6 +34,9 @@ Maintanance release with bug fixes and security enhancements.
  
  *Fixed Security Issues*
  
+        * CVE-2019-12122 - ONAP Portal allows to retrieve password of currently active user [`OJSI-65 <https://jira.onap.org/browse/OJSI-65>`_]
+        * CVE-2019-12121 - ONAP Portal is vulnerable for Padding Oracle attack [`OJSI-92 <https://jira.onap.org/browse/OJSI-92>`_]
+
  *Known Security Issues*
  
  *Known Vulnerabilities in Used Modules*
author	Krzysztof Opasiak <k.opasiak@samsung.com>
	Sat, 5 Oct 2019 21:52:06 +0000 (23:52 +0200)
committer	Manoop Talasila <talasila@research.att.com>
	Wed, 9 Oct 2019 15:27:54 +0000 (15:27 +0000)