X-Git-Url: https://osm.etsi.org/gitweb/?a=blobdiff_plain;f=releasenotes%2Fnotes%2FFixing_security_vulnerabilities-bdca2f49083e5b6d.yaml;fp=releasenotes%2Fnotes%2FFixing_security_vulnerabilities-bdca2f49083e5b6d.yaml;h=56944c32cd5f0850355007a467ea4e8a7aa1f4d4;hb=16d3a11b90ae38aeda1e35ef222605d698e292e1;hp=0000000000000000000000000000000000000000;hpb=ac0f7fc6d13aa8a3499ef6709ca5262a2a7d6253;p=osm%2FRO.git diff --git a/releasenotes/notes/Fixing_security_vulnerabilities-bdca2f49083e5b6d.yaml b/releasenotes/notes/Fixing_security_vulnerabilities-bdca2f49083e5b6d.yaml new file mode 100644 index 00000000..56944c32 --- /dev/null +++ b/releasenotes/notes/Fixing_security_vulnerabilities-bdca2f49083e5b6d.yaml @@ -0,0 +1,22 @@ +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +--- +security: + - | + Fixing following RO security vulnerabilities. Improper Certificate Validation, jinja2 sets autoescape to False, + disabling SSL certificate checks, use of unsafe yaml load, try-except-pass detected, use of assert detected. +
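Review bot: The `security:` entry names six findings in one sentence ("Improper Certificate Validation, jinja2 sets autoescape to False, ... use of assert detected") but never says what was changed or where, so an operator reading the release notes cannot tell which RO components are affected or whether behaviour changes on upgrade. The items read like finding titles rather than fixes: "jinja2 sets autoescape to False" and "disabling SSL certificate checks" describe the defect, not the corrected state, and "Improper Certificate Validation" appears to overlap with "disabling SSL certificate checks". I would split this into one list item per fix under `security:`, each stating the new behaviour (for example that certificate checks are now enforced, that autoescape is enabled, that YAML is loaded with a safe loader), and name the affected module for each. If enforcing certificate validation can break existing connections that relied on the check being skipped, that belongs in an `upgrade:` section of the same note as well. Minor wording: "Fixing following RO security vulnerabilities." would read better as "Fixed the following RO security vulnerabilities:".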