Uploaded image for project: 'Release Requirements'
  1. Release Requirements
  2. REQ-439

CONTINUATION OF PACKAGES UPGRADES IN DIRECT DEPENDENCIES

    XMLWordPrintable

Details

    • Update vulnerable direct dependencies
    • Best Practice (global - all code)
    • 1
    • Not required
    • Original Scope
    • XS
    • GO
    • GO
    • GO

    Description

      Description of Use Case / Requirement:

      Each project will update the vulnerable direct dependencies in their code base following the recommendations of SECCOM documented in individual project pages under Honolulu Package Updates in the protected Security Vulnerabilities space.

      Each project should reference their page for the policy description and correlation with ONAP release milestones.

      Submit a LF Ticket for access to the Security Vulnerabilities space.

      Owners (one of these should be the Assignee - use @ notation): zwarico , Pawel_P

       

      Link to HLD/LLD (if any):

       

      Dependency Relationships with Other Projects:

       

      Project Impact (Test Only (TO), Code (C)): C **

       

      Support Status for each Affected Project (Supported (S); Partially Supported (P); Not Supported (N)):

      Note: for any affected projects labeled 'P' or 'N', please document the resulting gaps.

       

      Integration Leads (use @ notation): 

       

      Company Engagement: 

       

       

      Attachments

        Issue Links

          clones

          Epic - Created by Jira Software - do not edit or delete. Issue type for a big user story that needs to be broken down. REQ-323 Each project will update the vulnerable direct dependencies in their code base

          • Highest - Catastrophic defect that causes total failure of the software or unrecoverable data loss with no available workaround. Complete shut-down of the process, nothing can proceed further. Blocks testing of the product / feature. Must be fixed in the next build.
          • Done
          is blocked by

          Task - A task that needs to be done. REQ-863 PACKAGES UPGRADES IN DIRECT DEPENDENCIES FOR ISTANBUL

          • Highest - Catastrophic defect that causes total failure of the software or unrecoverable data loss with no available workaround. Complete shut-down of the process, nothing can proceed further. Blocks testing of the product / feature. Must be fixed in the next build.
          • In Progress

          Story - Created by Jira Software - do not edit or delete. Issue type for a user story. ONAPARC-656 (Honolulu-R8) - NF - CONTINUATION OF PACKAGES UPGRADES IN DIRECT DEPENDENCIES

          • Highest - Catastrophic defect that causes total failure of the software or unrecoverable data loss with no available workaround. Complete shut-down of the process, nothing can proceed further. Blocks testing of the product / feature. Must be fixed in the next build.
          • Closed

          Task - A task that needs to be done. REQ-1397 PACKAGES UPGRADES IN DIRECT DEPENDENCIES FOR LONDON RELEASE

          • Highest - Catastrophic defect that causes total failure of the software or unrecoverable data loss with no available workaround. Complete shut-down of the process, nothing can proceed further. Blocks testing of the product / feature. Must be fixed in the next build.
          • To Do
          relates to

          Story - Created by Jira Software - do not edit or delete. Issue type for a user story. DCAEGEN2-2551 REQ-439 DCAE Vulnerability updates for Honolulu

          • Medium - Failure of non-critical aspects of the system but results in an inconvenient situation. It causes some undesirable behavior, but the system is still functional. There is a reasonably satisfactory workaround. It is still a valid defect that should be corrected May be fixed after the release or in the next release.
          • Closed

          Story - Created by Jira Software - do not edit or delete. Issue type for a user story. MODELING-525 continuation of packages upgrades in direct dependencies

          • Medium - Failure of non-critical aspects of the system but results in an inconvenient situation. It causes some undesirable behavior, but the system is still functional. There is a reasonably satisfactory workaround. It is still a valid defect that should be corrected May be fixed after the release or in the next release.
          • Closed

          Task - A task that needs to be done. OPTFRA-905 REQ-439 OOF - Fix Security Vulnerabilities

          • Medium - Failure of non-critical aspects of the system but results in an inconvenient situation. It causes some undesirable behavior, but the system is still functional. There is a reasonably satisfactory workaround. It is still a valid defect that should be corrected May be fixed after the release or in the next release.
          • Closed

          Story - Created by Jira Software - do not edit or delete. Issue type for a user story. VFC-1849 continuation of packages upgrades in direct dependencies

          • Medium - Failure of non-critical aspects of the system but results in an inconvenient situation. It causes some undesirable behavior, but the system is still functional. There is a reasonably satisfactory workaround. It is still a valid defect that should be corrected May be fixed after the release or in the next release.
          • Closed

          Task - A task that needs to be done. SDC-3647 Fix 'Security - Critical vulnerabilities' in 'onap-sdc-sdc-helm-validator'

          • High - Severely impaired functionality. Erratic performance and reduced system availability. It may cause major components or features of the system to be unavailable although certain parts of the system remain functional. A workaround may exist but its use is unsatisfactory or at a high time cost (manual intervention required). Must be fixed in any of the upcoming builds and should be included in the current release.
          • Closed

          Task - A task that needs to be done. CCSDK-3585 Resolve all Global Requirement impacts

          • Medium - Failure of non-critical aspects of the system but results in an inconvenient situation. It causes some undesirable behavior, but the system is still functional. There is a reasonably satisfactory workaround. It is still a valid defect that should be corrected May be fixed after the release or in the next release.
          • Closed
          mentioned in

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          Page Loading...

          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

              zwarico Amy Zwarico
              Pawel_P Pawel Pawlak
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated: