Document OJSI-100 vulnerability
[sdnc/oam.git] / docs / release-notes.rst
index fc9aa6d..d7d6b17 100644
 Release Notes
 =============
 
-Version: 1.3.0
+Version 1.5.3
+-------------
+:Release Date: 2019-06-13
+
+**New Features**
+
+The full list of Dublin epics and user stories for SDNC maybe be found at <https://jira.onap.org/issues/?filter=11803>.
+
+The following list summarizes some of the most significant epics:
+
++------------+----------------------------------------------------------------------------+
+| Jira #     | Abstract                                                                   |
++============+============================================================================+
+| [SDNC-551] | OpenDaylight Fluorine Support                                              |
++------------+----------------------------------------------------------------------------+
+| [SDNC-564] | 5G Use Case                                                                |
++------------+----------------------------------------------------------------------------+
+| [SDNC-565] | CCVPN Use Case Extension                                                   |
++------------+----------------------------------------------------------------------------+
+| [SDNC-570] | SDN-R: Server side component                                               |
++------------+----------------------------------------------------------------------------+
+| [SDNC-579] | SDN-R : UX-Client                                                          |
++------------+----------------------------------------------------------------------------+
+| [SDNC-631] | SDNC support for the PNF Use Case Network Assign for Plug and Play feature |
++------------+----------------------------------------------------------------------------+
+
+
+**Bug Fixes**
+The full list of bug fixes in the SDNC Dublin release may be found at <https://jira.onap.org/issues/?filter=11805>
+
+**Known Issues**
+The full list of known issues in SDNC may be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=11119>
+
+**Security Notes**
+
+*Fixed Security Issues*
+
+- CVE-2019-12132 `OJSI-41 <https://jira.onap.org/browse/OJSI-41>`_ SDNC service allows for arbitrary code execution in sla/dgUpload form
+  Fixed temporarily by disabling admportal
+- CVE-2019-12123 `OJSI-42 <https://jira.onap.org/browse/OJSI-42>`_ SDNC service allows for arbitrary code execution in sla/printAsXml form
+  Fixed temporarily by disabling admportal
+- CVE-2019-12113 `OJSI-43 <https://jira.onap.org/browse/OJSI-43>`_ SDNC service allows for arbitrary code execution in sla/printAsGv form
+  Fixed temporarily by disabling admportal
+- `OJSI-91 <https://jira.onap.org/browse/OJSI-91>`_ SDNC exposes unprotected API for user creation
+  Fixed temporarily by disabling admportal
+- `OJSI-98 <https://jira.onap.org/browse/OJSI-98>`_ In default deployment SDNC (sdnc-portal) exposes HTTP port 30201 outside of cluster.
+  Fixed temporarily by disabling admportal
+- CVE-2019-12112 `OJSI-199 <https://jira.onap.org/browse/OJSI-199>`_ SDNC service allows for arbitrary code execution in sla/upload form
+  Fixed temporarily by disabling admportal
+
+*Known Security Issues*
+
+- `OJSI-34 <https://jira.onap.org/browse/OJSI-34>`_ Multiple SQL Injection issues in SDNC
+- `OJSI-99 <https://jira.onap.org/browse/OJSI-99>`_ In default deployment SDNC (sdnc) exposes HTTP port 30202 outside of cluster.
+- `OJSI-100 <https://jira.onap.org/browse/OJSI-100>`_ In default deployment SDNC (sdnc-dgbuilder) exposes HTTP port 30203 outside of cluster.
+
+*Known Vulnerabilities in Used Modules*
+
+Quick Links:
+
+- `SDNC project page <https://wiki.onap.org/display/DW/Software+Defined+Network+Controller+Project>`_
+- `Passing Badge information for SDNC <https://bestpractices.coreinfrastructure.org/en/projects/1703>`_
+- `Project Vulnerability Review Table for Casablanca Release <https://wiki.onap.org/pages/viewpage.action?pageId=45307811>`_
+
+Version: 1.4.4
+--------------
+
+**Bugs Fixes**
+
+The following bugs are fixed in the SDNC Casablanca January 2019 maintenance release:
+
++------------+------------------------------------------------------------------------------------------+
+| Jira #     | Abstract                                                                                 |
++============+==========================================================================================+
+| [SDNC-405] | SDNC API documentation is missing on ReadTheDocs                                         |
++------------+------------------------------------------------------------------------------------------+
+| [SDNC-523] | vnf-information.vnf-id validation check should not be mandatory in validate-vnf-input DG |
++------------+------------------------------------------------------------------------------------------+
+| [SDNC-532] | oof query failed due to hostname change, returning unknown host                          |
++------------+------------------------------------------------------------------------------------------+
+| [SDNC-534] | wrong "input" field in DMaaP message template                                            |
++------------+------------------------------------------------------------------------------------------+
+| [SDNC-536] | Upgrade zjsonpatch version to remediate vulnerabilities                                  |
++------------+------------------------------------------------------------------------------------------+
+| [SDNC-537] | Update to spring-boot 2.1.0-RELEASE                                                      |
++------------+------------------------------------------------------------------------------------------+
+| [SDNC-540] | CCVPN closed loop testing failed.                                                        |
++------------+------------------------------------------------------------------------------------------+
+| [SDNC-542] | [PORT] Network Discovery microservice does not log                                       |
++------------+------------------------------------------------------------------------------------------+
+| [SDNC-546] | CCVPN bugs fix for manual free integration test                                          |
++------------+------------------------------------------------------------------------------------------+
+| [SDNC-549] | Retain MD-SAL data on pod recreate                                                       |
++------------+------------------------------------------------------------------------------------------+
+
+
+
+Version: 1.4.3
 --------------
 
+
+:Release Date: 2018-11-30
+
+**New Features**
+
+The Casablanca release of SDNC introduces the following new features:
+
+       - Network Discovery, in support of POMBA
+       - Support for CCVPN use case
+       - Change Management enhancements
+
+**Bug Fixes**
+
+The list of bugs fixed in the SDNC Casablanca release may be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=11544>
+
+
+**Known Issues**
+
+The list of known issues in the SDNC project may be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=11119>
+
+
+**Security Notes**
+
+SDNC code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The SDNC open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=45307811>`_.
+
+Quick Links:
+
+- `SDNC project page <https://wiki.onap.org/display/DW/Software+Defined+Network+Controller+Project>`_
+- `Passing Badge information for SDNC <https://bestpractices.coreinfrastructure.org/en/projects/1703>`_
+- `Project Vulnerability Review Table for Casablanca Release <https://wiki.onap.org/pages/viewpage.action?pageId=45307811>`_
+
+**Upgrade Notes**
+   NA
+
+**Deprecation Notes**
+   NA
+
+**Other**
+   NA
+
+Version: 1.3.4
+--------------
+
+
 :Release Date: 2018-07-06
 
 **New Features**
 
-+-------------+-------------------------------------------------------------------------------------------------------------------------+
-| Jira #      |  Abstract                                                                                                               |
-+=============+=========================================================================================================================+
-|  [SDNC-278] |  Change management in-place software upgrade execution using Ansible <https://jira.onap.org/browse/SDNC-278>            |
-+-------------+-------------------------------------------------------------------------------------------------------------------------+
-|  [SDNC-275] | Unit tests for GenericResourceApiProvider class <https://jira.onap.org/browse/SDNC-275>                                 |
-+-------------+-------------------------------------------------------------------------------------------------------------------------+
-|  [SDNC-266] | Junit Test Coverage for Epic SDNC-232 <https://jira.onap.org/browse/SDNC-266>                                           |
-+-------------+-------------------------------------------------------------------------------------------------------------------------+
-|  [SDNC-250] | Multi-site High-availability - health-monitor reporting <https://jira.onap.org/browse/SDNC-250>                         |
-+-------------+-------------------------------------------------------------------------------------------------------------------------+
-|  [SDNC-223] | Maintain MD-SAL data across docker container upgrades <https://jira.onap.org/browse/SDNC-223>                           |
-+-------------+-------------------------------------------------------------------------------------------------------------------------+
-|  [SDNC-214] | Multi-site High-availability - Kubernetes Federation + Manual Failover (POC) <https://jira.onap.org/browse/SDNC-214>    |
-+-------------+-------------------------------------------------------------------------------------------------------------------------+
-|  [SDNC-210] | Address issued identified by Sonar <https://jira.onap.org/browse/SDNC-210>                                              |
-+-------------+-------------------------------------------------------------------------------------------------------------------------+
-|  [SDNC-163] | Deploy a SDN-C high availability environment - Kubernetes <https://jira.onap.org/browse/SDNC-163>                       |
-+-------------+-------------------------------------------------------------------------------------------------------------------------+
-|  [SDNC-53]  | Convert Configuration Subsystem Dependency Injection to Blueprint <https://jira.onap.org/browse/SDNC-53>                |
-+-------------+-------------------------------------------------------------------------------------------------------------------------+
-|  [SDNC-10]  | Refactor MD-SAL applications to conform to current OpenDaylight archetype format <https://jira.onap.org/browse/SDNC-10> |
-+-------------+-------------------------------------------------------------------------------------------------------------------------+
-|  [SDNC-6]   | Deploy a SDN-C high availability environment <https://jira.onap.org/browse/SDNC-6>                                      |
-+-------------+-------------------------------------------------------------------------------------------------------------------------+
+The full list of SDNC Beijing Epics and user stories can be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=10791>.  The
+following table lists the major features included in the Beijing release.
+
++------------+-------------------------------------------------------------------------------------------------------------+
+| Jira #     | Abstract                                                                                                    |
++============+=============================================================================================================+
+| [SDNC-278] | Change management in-place software upgrade execution using Ansible <https://jira.onap.org/browse/SDNC-278> |
++------------+-------------------------------------------------------------------------------------------------------------+
+| [SDNC-163] | Deploy a SDN-C high availability environment - Kubernetes <https://jira.onap.org/browse/SDNC-163>           |
++------------+-------------------------------------------------------------------------------------------------------------+
+
 
 **Bug Fixes**
 
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| Jira #     | Abstract                                                                                                                                             |
-+============+======================================================================================================================================================+
-| [SDNC-313] | LCM does not retrieve status from ansible-server correctly <https://jira.onap.org/browse/SDNC-313>                                                   |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-311] | sdnc/features build fails <https://jira.onap.org/browse/SDNC-311>                                                                                    |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-310] | General cleanup of SDNC helm charts <https://jira.onap.org/browse/SDNC-310>                                                                          |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-309] | ansible adapter properties file missing <https://jira.onap.org/browse/SDNC-309>                                                                      |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-308] | OOM: Update UEB and DMaaP charts to use new message-router name <https://jira.onap.org/browse/SDNC-308>                                              |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-306] | SDNC fails health check on HEAT deployment <https://jira.onap.org/browse/SDNC-306>                                                                   |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-305] | No model found for VF module customization UUID <https://jira.onap.org/browse/SDNC-305>                                                              |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+  
-| [SDNC-303] | aaiclient.properties using wrong JKS <https://jira.onap.org/browse/SDNC-303>                                                                         |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-302] | SDNC VNF-API ssl certificate error updating AAI <https://jira.onap.org/browse/SDNC-302>                                                              |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-299] | OOM deployment with 2+ MySQL instances fails when NFS provisioner disabled <https://jira.onap.org/browse/SDNC-299>                                   |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-298] | SDNC aaiclient.properties should reference v13 A&AI api <https://jira.onap.org/browse/SDNC-298>                                                      |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-295] | Ansible server stops <https://jira.onap.org/browse/SDNC-295>                                                                                         |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-293] | DMaaP listener not connecting to DMaaP in OOM deployment <https://jira.onap.org/browse/SDNC-293>                                                     |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-292] | Daily build of unused sdnc/features repo fails <https://jira.onap.org/browse/SDNC-292>                                                               |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-286] | OOM: SDN-C servers don't come up cleanly when enableClustering=true <https://jira.onap.org/browse/SDNC-286>                                          |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-285] | sdnc-dgbuilder container image error with onap/ccsdk-dgbuilder-image:0.2.1-SNAPSHOT <https://jira.onap.org/browse/SDNC-285>                          |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-284] | sdnc-dgbuilder container image error with onap/ccsdk-dgbuilder-image:0.2.1-SNAPSHOT deleted from nexus3 <https://jira.onap.org/browse/SDNC-284>      |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-283] | SDNC fails CSIT <https://jira.onap.org/browse/SDNC-283>                                                                                              |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-279] | sdnc docker build fails <https://jira.onap.org/browse/SDNC-279>                                                                                      |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-277] | SDNC CSIT test fails <https://jira.onap.org/browse/SDNC-277>                                                                                         |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-234] | DMAAP ID in dhcpalert.properties cannot contain "\_" <https://jira.onap.org/browse/SDNC-234>                                                         |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-228] | Duplicate test file name <https://jira.onap.org/browse/SDNC-228>                                                                                     |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-207] | generic-resource-api-model: failing on goal yang-maven-plugin - master only - force 1.2.0 over default 2.0.0 <https://jira.onap.org/browse/SDNC-207> |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-203] | SDNC VM & Docker Containers Unstable <https://jira.onap.org/browse/SDNC-203>                                                                         |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-195] | brg-topology-operations deactivate does not pick up parameters correctly when creating AAI request <https://jira.onap.org/browse/SDNC-195>           |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-156] | unknown log fills up on failed DELETE <https://jira.onap.org/browse/SDNC-156>                                                                        |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-127] | Generated sources not placed under target directory breaks tooling apps <https://jira.onap.org/browse/SDNC-127>                                      |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-105] | Generic Resource API DGs contain old openecomp and com.att based plugin references <https://jira.onap.org/browse/SDNC-105>                           |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-87]  | Accessing invalid network-parameters from network-request-input, it should be network-input-parameters <https://jira.onap.org/browse/SDNC-87>        |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-73]  | vnfapi: new feature to support softdelete <https://jira.onap.org/browse/SDNC-73>                                                                     |
-+------------+------------------------------------------------------------------------------------------------------------------------------------------------------+
+The list of bugs fixed in the SDNC Beijing release may be found in the ONAP Jira at <https://jira.onap.org/issues/?filter=11118>
+
 
 **Known Issues**
 
 +------------+----------------------------------------------------------------------------------------------------------------------------------+
 | Jira #     | Abstract                                                                                                                         |
 +============+==================================================================================================================================+
-| [SDNC-304] | SDNC OOM intermittent Healthcheck failure - JSONDecodeError - on different startup order <https://jira.onap.org/browse/SDNC-304> |
-+------------+----------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-291] | vCPE Model distribution error in UEB Listener SQL Insert <https://jira.onap.org/browse/SDNC-291>                                 |
-+------------+----------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-290] | Fix nodePortPrefix in service yaml <https://jira.onap.org/browse/SDNC-290>                                                       |
+| [SDNC-324] | IPV4_ADDRESS_POOL is empty <https://jira.onap.org/browse/SDNC-324>                                                               |
 +------------+----------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-246] | Passwords stored in clear text in properties files <https://jira.onap.org/browse/SDNC-246>                                       |
+| [SDNC-321] | dgbuilder won't save DG <https://jira.onap.org/browse/SDNC-321>                                                                  |
 +------------+----------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-208] | SDNC preload - fix confusion: vnf-name=VF-Module, generic-vnf-name=VNF <https://jira.onap.org/browse/SDNC-208>                   |
-+------------+----------------------------------------------------------------------------------------------------------------------------------+
-| [SDNC-206] | REST calls from DG <https://jira.onap.org/browse/SDNC-206>                                                                       |
+| [SDNC-304] | SDNC OOM intermittent Healthcheck failure - JSONDecodeError - on different startup order <https://jira.onap.org/browse/SDNC-304> |
 +------------+----------------------------------------------------------------------------------------------------------------------------------+
 | [SDNC-115] | VNFAPI DGs contain plugin references to software not part of ONAP <https://jira.onap.org/browse/SDNC-115>                        |
 +------------+----------------------------------------------------------------------------------------------------------------------------------+
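Review bot: The *Fixed Security Issues* list in the new 1.5.3 section reports six items as fixed, four of them CVEs allowing arbitrary code execution, but every entry says only "Fixed temporarily by disabling admportal", which describes a mitigation rather than a code fix. Suggest saying so explicitly, and stating whether re-enabling admportal brings the issues back, so operators do not read these as resolved. In the same section, the *Known Security Issues* entries (OJSI-34, OJSI-99, OJSI-100) give no workaround for the exposed ports 30202 and 30203, and *Known Vulnerabilities in Used Modules* is an empty heading whose Quick Links point to the Casablanca review table although this is the Dublin release. On formatting: **Bug Fixes** and **Known Issues** under 1.5.3 have no blank line before their text and will render as one run-on paragraph, the heading "Version 1.5.3" drops the colon the other version headings use, and "maybe be found" and "**Bugs Fixes**" are typos.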
@@ -128,11 +188,13 @@ Version: 1.3.0
 | [SDNC-64]  | SDNC is not setting FromApp identifier in logging MDC <https://jira.onap.org/browse/SDNC-64>                                     |
 +------------+----------------------------------------------------------------------------------------------------------------------------------+
 
+
 **Security Notes**
 
 SDNC code has been formally scanned during build time using NexusIQ and all Critical vulnerabilities have been addressed, items that remain open have been assessed for risk and determined to be false positive. The SDNC open Critical security vulnerabilities and their risk assessment have been documented as part of the `project <https://wiki.onap.org/pages/viewpage.action?pageId=28379582>`_.
 
 Quick Links:
+
 - `SDNC project page <https://wiki.onap.org/display/DW/Software+Defined+Network+Controller+Project>`_
 - `Passing Badge information for SDNC <https://bestpractices.coreinfrastructure.org/en/projects/1703>`_
 - `Project Vulnerability Review Table for SDNC <https://wiki.onap.org/pages/viewpage.action?pageId=28379582>`_
@@ -195,5 +257,3 @@ in release 1.2.1:
 
 **Other**
        NA
-
-