Code Review / portal.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | patch | inline | side by side (parent: e93abc7)
Document OJSI-190 vulnerability 95/88895/1
authorKrzysztof Opasiak <k.opasiak@samsung.com>
Thu, 30 May 2019 13:29:12 +0000 (15:29 +0200)
committerKrzysztof Opasiak <k.opasiak@samsung.com>
Thu, 30 May 2019 13:36:36 +0000 (15:36 +0200)
Issue-ID: OJSI-190
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I1c586793b744a5807e7b1a7a1d416dfd43409ab0

docs/release-notes.rst patch | blob | history

diff --git a/docs/release-notes.rst b/docs/release-notes.rst
index 0fdbe80..9502569 100644 (file)
--- a/docs/release-notes.rst
+++ b/docs/release-notes.rst
@@ -43,6 +43,7 @@ We worked on SDK upgrade to integrate with AAF. We partially implemented multi-l
        * In defult deployment PORTAL (portal-app) exposes HTTP port 30215 outside of cluster. [`OJSI-105 <https://jira.onap.org/browse/OJSI-105>`_]
        * In defult deployment PORTAL (portal-sdk) exposes HTTP port 30212 outside of cluster. [`OJSI-106 <https://jira.onap.org/browse/OJSI-106>`_]
        * CVE-2019-12318 - Number of SQL Injections in Portal [`OJSI-174 <https://jira.onap.org/browse/OJSI-174>`_]
+       * Portal stores users passwords encrypted instead of hashed [`OJSI-190 <https://jira.onap.org/browse/OJSI-190>`_]
 
 *Known Vulnerabilities in Used Modules*
 
ARCHIVED- 2022-02-15 at the request of the project