docs/release-notes.rst

   1 .. This work is licensed under a Creative Commons Attribution 4.0 International License.
   2
   3 Release Notes
   4 =============
   5
   6 Version 1.5.3
   7 -------------
   8 :Release Date: 2019-06-13
   9
  10 **New Features**
  11
  12 The full list of Dublin epics and user stories for SDNC maybe be found at <https://jira.onap.org/issues/?filter=11803>.
  13
  14 The following list summarizes some of the most significant epics:
  15
  16 +------------+----------------------------------------------------------------------------+
  17 | Jira #     | Abstract                                                                   |
  18 +============+============================================================================+
  19 | [SDNC-551] | OpenDaylight Fluorine Support                                              |
  20 +------------+----------------------------------------------------------------------------+
  21 | [SDNC-564] | 5G Use Case                                                                |
  22 +------------+----------------------------------------------------------------------------+
  23 | [SDNC-565] | CCVPN Use Case Extension                                                   |
  24 +------------+----------------------------------------------------------------------------+
  25 | [SDNC-570] | SDN-R: Server side component                                               |
  26 +------------+----------------------------------------------------------------------------+
  27 | [SDNC-579] | SDN-R : UX-Client                                                          |
  28 +------------+----------------------------------------------------------------------------+
  29 | [SDNC-631] | SDNC support for the PNF Use Case Network Assign for Plug and Play feature |
  30 +------------+----------------------------------------------------------------------------+
  31
  32
  33 **Bug Fixes**
  34 The full list of bug fixes in the SDNC Dublin release may be found at <https://jira.onap.org/issues/?filter=11805>
  35
  36 **Known Issues**
  37 The full list of known issues in SDNC may be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=11119>
  38
  39 **Security Notes**
  40
  41 *Fixed Security Issues*
  42
  43 - CVE-2019-12132 `OJSI-41 <https://jira.onap.org/browse/OJSI-41>`_ SDNC service allows for arbitrary code execution in sla/dgUpload form
  44   Fixed temporarily by disabling admportal
  45 - CVE-2019-12123 `OJSI-42 <https://jira.onap.org/browse/OJSI-42>`_ SDNC service allows for arbitrary code execution in sla/printAsXml form
  46   Fixed temporarily by disabling admportal
  47 - CVE-2019-12113 `OJSI-43 <https://jira.onap.org/browse/OJSI-43>`_ SDNC service allows for arbitrary code execution in sla/printAsGv form
  48   Fixed temporarily by disabling admportal
  49 - `OJSI-91 <https://jira.onap.org/browse/OJSI-91>`_ SDNC exposes unprotected API for user creation
  50   Fixed temporarily by disabling admportal
  51 - `OJSI-98 <https://jira.onap.org/browse/OJSI-98>`_ In default deployment SDNC (sdnc-portal) exposes HTTP port 30201 outside of cluster.
  52   Fixed temporarily by disabling admportal
  53 - CVE-2019-12112 `OJSI-199 <https://jira.onap.org/browse/OJSI-199>`_ SDNC service allows for arbitrary code execution in sla/upload form
  54   Fixed temporarily by disabling admportal
  55
  56 *Known Security Issues*
  57
  58 - `OJSI-34 <https://jira.onap.org/browse/OJSI-34>`_ Multiple SQL Injection issues in SDNC
  59 - `OJSI-99 <https://jira.onap.org/browse/OJSI-99>`_ In default deployment SDNC (sdnc) exposes HTTP port 30202 outside of cluster.
  60 - `OJSI-100 <https://jira.onap.org/browse/OJSI-100>`_ In default deployment SDNC (sdnc-dgbuilder) exposes HTTP port 30203 outside of cluster.
  61 - `OJSI-179 <https://jira.onap.org/browse/OJSI-179>`_ dev-sdnc-sdnc exposes JDWP on port 1830 which allows for arbitrary code execution
  62
  63 *Known Vulnerabilities in Used Modules*
  64
  65 Quick Links:
  66
  67 - `SDNC project page <https://wiki.onap.org/display/DW/Software+Defined+Network+Controller+Project>`_
  68 - `Passing Badge information for SDNC <https://bestpractices.coreinfrastructure.org/en/projects/1703>`_
  69 - `Project Vulnerability Review Table for Casablanca Release <https://wiki.onap.org/pages/viewpage.action?pageId=45307811>`_
  70
  71 Version: 1.4.4
  72 --------------
  73
  74 **Bugs Fixes**
  75
  76 The following bugs are fixed in the SDNC Casablanca January 2019 maintenance release:
  77
  78 +------------+------------------------------------------------------------------------------------------+
  79 | Jira #     | Abstract                                                                                 |
  80 +============+==========================================================================================+
  81 | [SDNC-405] | SDNC API documentation is missing on ReadTheDocs                                         |
  82 +------------+------------------------------------------------------------------------------------------+
  83 | [SDNC-523] | vnf-information.vnf-id validation check should not be mandatory in validate-vnf-input DG |
  84 +------------+------------------------------------------------------------------------------------------+
  85 | [SDNC-532] | oof query failed due to hostname change, returning unknown host                          |
  86 +------------+------------------------------------------------------------------------------------------+
  87 | [SDNC-534] | wrong "input" field in DMaaP message template                                            |
  88 +------------+------------------------------------------------------------------------------------------+
  89 | [SDNC-536] | Upgrade zjsonpatch version to remediate vulnerabilities                                  |
  90 +------------+------------------------------------------------------------------------------------------+
  91 | [SDNC-537] | Update to spring-boot 2.1.0-RELEASE                                                      |
  92 +------------+------------------------------------------------------------------------------------------+
  93 | [SDNC-540] | CCVPN closed loop testing failed.                                                        |
  94 +------------+------------------------------------------------------------------------------------------+
  95 | [SDNC-542] | [PORT] Network Discovery microservice does not log                                       |
  96 +------------+------------------------------------------------------------------------------------------+
  97 | [SDNC-546] | CCVPN bugs fix for manual free integration test                                          |
  98 +------------+------------------------------------------------------------------------------------------+
  99 | [SDNC-549] | Retain MD-SAL data on pod recreate                                                       |
 100 +------------+------------------------------------------------------------------------------------------+
 101
 102
 103
 104 Version: 1.4.3
 105 --------------
 106
 107
 108 :Release Date: 2018-11-30
 109
 110 **New Features**
 111
 112 The Casablanca release of SDNC introduces the following new features:
 113
 114         - Network Discovery, in support of POMBA
 115         - Support for CCVPN use case
 116         - Change Management enhancements
 117
 118 **Bug Fixes**
 119
 120 The list of bugs fixed in the SDNC Casablanca release may be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=11544>
 121
 122
 123 **Known Issues**
 124
 125 The list of known issues in the SDNC project may be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=11119>
 126
 127
 128 **Security Notes**
 129
 130 SDNC code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The SDNC open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=45307811>`_.
 131
 132 Quick Links:
 133
 134 - `SDNC project page <https://wiki.onap.org/display/DW/Software+Defined+Network+Controller+Project>`_
 135 - `Passing Badge information for SDNC <https://bestpractices.coreinfrastructure.org/en/projects/1703>`_
 136 - `Project Vulnerability Review Table for Casablanca Release <https://wiki.onap.org/pages/viewpage.action?pageId=45307811>`_
 137
 138 **Upgrade Notes**
 139    NA
 140
 141 **Deprecation Notes**
 142    NA
 143
 144 **Other**
 145    NA
 146
 147 Version: 1.3.4
 148 --------------
 149
 150
 151 :Release Date: 2018-07-06
 152
 153 **New Features**
 154
 155 The full list of SDNC Beijing Epics and user stories can be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=10791>.  The
 156 following table lists the major features included in the Beijing release.
 157
 158 +------------+-------------------------------------------------------------------------------------------------------------+
 159 | Jira #     | Abstract                                                                                                    |
 160 +============+=============================================================================================================+
 161 | [SDNC-278] | Change management in-place software upgrade execution using Ansible <https://jira.onap.org/browse/SDNC-278> |
 162 +------------+-------------------------------------------------------------------------------------------------------------+
 163 | [SDNC-163] | Deploy a SDN-C high availability environment - Kubernetes <https://jira.onap.org/browse/SDNC-163>           |
 164 +------------+-------------------------------------------------------------------------------------------------------------+
 165
 166
 167 **Bug Fixes**
 168
 169 The list of bugs fixed in the SDNC Beijing release may be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=11118>
 170
 171
 172 **Known Issues**
 173
 174 +------------+----------------------------------------------------------------------------------------------------------------------------------+
 175 | Jira #     | Abstract                                                                                                                         |
 176 +============+==================================================================================================================================+
 177 | [SDNC-324] | IPV4_ADDRESS_POOL is empty <https://jira.onap.org/browse/SDNC-324>                                                               |
 178 +------------+----------------------------------------------------------------------------------------------------------------------------------+
 179 | [SDNC-321] | dgbuilder won't save DG <https://jira.onap.org/browse/SDNC-321>                                                                  |
 180 +------------+----------------------------------------------------------------------------------------------------------------------------------+
 181 | [SDNC-304] | SDNC OOM intermittent Healthcheck failure - JSONDecodeError - on different startup order <https://jira.onap.org/browse/SDNC-304> |
 182 +------------+----------------------------------------------------------------------------------------------------------------------------------+
 183 | [SDNC-115] | VNFAPI DGs contain plugin references to software not part of ONAP <https://jira.onap.org/browse/SDNC-115>                        |
 184 +------------+----------------------------------------------------------------------------------------------------------------------------------+
 185 | [SDNC-114] | Generic API DGs contain plugin references to software not part of ONAP <https://jira.onap.org/browse/SDNC-114>                   |
 186 +------------+----------------------------------------------------------------------------------------------------------------------------------+
 187 | [SDNC-106] | VNFAPI DGs contain old openecomp and com.att based plugin references <https://jira.onap.org/browse/SDNC-106>                     |
 188 +------------+----------------------------------------------------------------------------------------------------------------------------------+
 189 | [SDNC-64]  | SDNC is not setting FromApp identifier in logging MDC <https://jira.onap.org/browse/SDNC-64>                                     |
 190 +------------+----------------------------------------------------------------------------------------------------------------------------------+
 191
 192
 193 **Security Notes**
 194
 195 SDNC code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The SDNC open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=28379582>`_.
 196
 197 Quick Links:
 198
 199 - `SDNC project page <https://wiki.onap.org/display/DW/Software+Defined+Network+Controller+Project>`_
 200 - `Passing Badge information for SDNC <https://bestpractices.coreinfrastructure.org/en/projects/1703>`_
 201 - `Project Vulnerability Review Table for SDNC <https://wiki.onap.org/pages/viewpage.action?pageId=28379582>`_
 202
 203 **Upgrade Notes**
 204         NA
 205
 206 **Deprecation Notes**
 207         NA
 208
 209 **Other**
 210         NA
 211
 212 Version: 1.2.1
 213 --------------
 214
 215 :Release Date: 2018-01-18
 216
 217 **Bug Fixes**
 218
 219 - `SDNC-145 <https://jira.onap.org/browse/SDNC-145>`_ Error message refers to wrong parameters
 220 - `SDNC-195 <https://jira.onap.org/browse/SDNC-195>`_ UEB listener doesn't insert correct parameters for allotted resources in DB table ALLOTTED_RESOURCE_MODEL
 221 - `SDNC-198 <https://jira.onap.org/browse/SDNC-198>`_ CSIT job fails
 222 - `SDNC-201 <https://jira.onap.org/browse/SDNC-201>`_ Fix DG bugs from integration tests
 223 - `SDNC-202 <https://jira.onap.org/browse/SDNC-202>`_ Search for service -data null match, set vGW LAN IP via Heat
 224 - `SDNC-211 <https://jira.onap.org/browse/SDNC-211>`_ Update SDNC Amsterdam branch to use maintenance release versions
 225 - `SDNC-212 <https://jira.onap.org/browse/SDNC-212>`_ Duplicate file name
 226
 227 Version: 1.2.0
 228 --------------
 229
 230 :Release Date: 2017-11-16
 231
 232 **New Features**
 233
 234 The ONAP Amsterdam release introduces the following changes to SDNC from
 235 the original openECOMP seed code:
 236    - Refactored / moved common platform code to new CCSDK project
 237    - Refactored code to rename openecomp to onap
 238    - Introduced new GENERIC-RESOURCE-API api, used by vCPE and VoLTE use cases
 239    - Introduced new docker containers for SDC and DMAAP interfaces
 240
 241 **Bug Fixes**
 242         NA
 243 **Known Issues**
 244 The following known high priority issues are being worked and are expected to be delivered
 245 in release 1.2.1:
 246 - `SDNC-179 <https://jira.onap.org/browse/SDNC-179>`_ Failed to make HTTPS connection in restapicall node
 247 - `SDNC-181 <https://jira.onap.org/browse/SDNC-181>`_ Change call to brg-wan-ip-address vbrg-wan-ip brg topo activate DG
 248 - `SDNC-182 <https://jira.onap.org/browse/SDNC-182>`_ Fix VNI Consistency: Add vG vxlan tunnel setup and bridge domain setup to brg-topo-activate DG
 249
 250 **Security Issues**
 251         NA
 252
 253 **Upgrade Notes**
 254         NA
 255
 256 **Deprecation Notes**
 257         NA
 258
 259 **Other**
 260         NA