Amy,
Hi, the logging project has a sub-project called pomba – this project is
related to logging in that both projects do post transaction tracing (logging
does requestID tracking across microservices, pomba does post orchestration
audit tracing for VNF transactions).
Pomba came in as seed code during Casablanca – there is no Beijing version.
Pomba-sdnc-context-builder was one of the last of the 7 repos to come in –
it is not part of the logging project (only the root repo is currently) –
around a month before the release started – it is part of Dublin but is in
master – hence why you see the reports – they only run in master, not a branch.
The pomba sdnc-cb image is only used in master (Dublin).
The name SDNC-CB means it connects to SDNC – but it is not part of the SDNC
project – most of the issues are inherited because of the versions we need to
use to be able to formulate our rest calls and/or adhere to secure calls to
other components like SDNC (an onap wide problem – not just with pomba rest
calls).
For compensating controls – as I said this will take time – I will need to
go through the code specific to each vulnerability – James and Prudence are
helping. I think common issues across projects should be consolidated and
fixed at a higher level if you want this accelerated.
Thank you
/michael
From: ZWARICO, AMY <[email protected]>
Sent: Tuesday, November 27, 2018 9:37 AM
To: Michael O'Brien <[email protected]>; Gildas Lanilis
<[email protected]>; [email protected]
Cc: Stephen Terrill <[email protected]>; [email protected];
Kenny Paul <[email protected]>
Subject: RE: Update S3P for TSC
Thank you for the update. You state that SDNC-CB is in the Dublin scope only.
Does this mean that you do not use the SDNC-CB container in Logging? If so,
does that mean that all of the vulnerabilities associated with SDNC-CB are
false positives? Or does it mean that you are using the Beijing version of
SDNC-CB and that the SDNC team did not fix the vulnerabilities known in the
Beijing?
For all the exploitable vulnerabilities, please note the risk and any
compensating controls that an ONAP user can put in place.
From: OBRIEN, FRANK MICHAEL
Sent: Monday, November 26, 2018 9:38 AM
To: ZWARICO, AMY <[email protected]>; Gildas Lanilis <[email protected]>; [email protected]
Cc: Stephen Terrill <[email protected]>; [email protected]; Kenny Paul <[email protected]>
Subject: RE: Update S3P for TSC
Security page updated to 20181124 levels (what was fixed, what we are deferring
– primarily sdnc-cb as this container is in Dublin scope only)
https://wiki.onap.org/pages/viewpage.action?pageId=43385152
thank you
/michael
From: ZWARICO, AMY <[email protected]>
Sent: Wednesday, November 21, 2018 5:00 PM
To: Gildas Lanilis <[email protected]>; Michael O'Brien <[email protected]>; [email protected]
Cc: Stephen Terrill <[email protected]>; [email protected]; Kenny Paul <[email protected]>
Subject: RE: Update S3P for TSC
Michael, my email has been behaving strangely today. So sorry that I missed the
fact that the link is to the protected page
(https://wiki.onap.org/pages/viewpage.action?pageId=43387665).
You are not in violation of any licensing. I look forward to your completion
of the review table.
If you cannot fix an exploitable vulnerability, please note that in the table
and describe the risk of exploit plus any compensating controls that an ONAP
user could put in place to lessen the risk.
From: Gildas Lanilis <[email protected]>
Sent: Wednesday, November 21, 2018 3:53 PM
To: OBRIEN, FRANK MICHAEL <[email protected]>; ZWARICO, AMY <[email protected]>; [email protected]
Cc: Stephen Terrill <[email protected]>; [email protected]; Kenny Paul <[email protected]>
Subject: RE: Update S3P for TSC
Hi Michael,
We had some licensing compliance issues with the tool we are using for the scan.
To circumvent the issue, we had to create a wiki space restricted to committers
that embeds the “Artifact”, “Version”, and “Problem Code”. This helps committers
track exactly their issue.
For the general audience, the SECCOM team created an open-to-everyone, curated
wiki page without the labeled “Artifact”, “Version”, and “Problem Code”. The RN
in ReadTheDocs will point toward the curated wiki page.
Hope this helps.
Thanks,
Gildas
ONAP Release Manager
1 415 238 6287
From: Michael O'Brien <[email protected]>
Sent: Wednesday, November 21, 2018 4:48 AM
To: ZWARICO, AMY <[email protected]>; Gildas Lanilis <[email protected]>; [email protected]
Cc: Stephen Terrill <[email protected]>; [email protected]; Kenny Paul <[email protected]>
Subject: RE: Update S3P for TSC
Still a wip in my queue along with other work – I have almost finished details
on the last couple ones for sdnc-context-builder – I find copying from the
nexus-iq sections to this security page extremely tedious – figuring out each
exploit and recommending a compensating control not in (upgrade to the latest,
use an alternate) is going to take some time – especially with the pomba code
and with re-integration testing – in hindsight I should have just labeled
everything with an ignore action like some of the other teams.
I don’t understand what this issue is with the columns and links – the security
page is not accessible to the public – hence why no one except committers can
access the page.
1. Remove the columns labeled “Artifact”, “Version”, and “Problem Code”.
These are fields that cannot be publicly accessible per the license.
I followed the existing template – there are other pages like a random pick
below that contain these columns and links.
Are you saying that the logging page needs to be different from the rest of onap?
https://wiki.onap.org/pages/viewpage.action?pageId=43387665
Repository | Group | Artifact | Version | Problem Code | Impact Analysis | Action
modeling/toscaparsers | org.apache.tomcat.embed | tomcat-embed-core | 8.5.28 | CVE-2018-8014 | | No action, use previous release code
msb-apigateway | com.fasterxml.jackson.core | jackson-databind | 2.9.4 | SONATYPE-2017-0312 (Link: https://nexus-iq.wl.linuxfoundation.org/assets/index.html#/reports/msb-apigateway/8e7c981bf15e44369bb6ca29d7895ea4) | | False Positive
From: ZWARICO, AMY <[email protected]>
Sent: Tuesday, November 20, 2018 9:43 PM
To: Michael O'Brien <[email protected]>; Gildas Lanilis <[email protected]>
Cc: Stephen Terrill <[email protected]>; [email protected]; ZWARICO, AMY <[email protected]>
Subject: RE: Update S3P for TSC
Thank you for your work on the vulnerability reviews. I need you to update the
table at
https://wiki.onap.org/pages/viewpage.action?pageId=43385152.
1. Remove the links to NexusIQ reports.
2. Remove the columns labeled “Artifact”, “Version”, and “Problem Code”.
These are fields that cannot be publicly accessible per the license.
3. Remove all entries about licenses.
4. Indicate if the vulnerability is a false positive (not exploitable from
the logging code) or exploitable.
5. For all exploitable vulnerabilities, describe any compensating controls
that a user of ONAP can put in place to reduce the risk of the vulnerability
being exploited.
6. Make sure that all security vulnerabilities in the NexusIQ reports are
accounted for in the Vulnerability review table.
Thank you for your attention to this.
Amy
From: OBRIEN, FRANK MICHAEL
Sent: Wednesday, November 14, 2018 11:29 PM
To: Gildas Lanilis <[email protected]>; FORSYTH, JAMES <[email protected]>; LANDO, MICHAEL <[email protected]>; [email protected]; TIMONEY, DAN <[email protected]>; [email protected]
Cc: ZWARICO, AMY <[email protected]>; Stephen Terrill <[email protected]>; [email protected]; 'Yunxia Chen' <[email protected]>; BARSKY, GEORA <[email protected]>; MACNIDER, JAMES <[email protected]>; AU, PRUDENCE <[email protected]>; STANGL, DAVID <[email protected]>; CHEN, YONG <[email protected]>; CHISHOLM, SHARON <[email protected]>
Subject: RE: Update S3P for TSC
Gildas, Amy,
I updated the page for our 3rd pass through the CLM issues – there are some
changes post the new CLM reports and the oparent change and the recent SDNC ssl
changes.
Based on the updates where I went through the 7 repo CLM reports in tedious
detail – I think we should be switched to pass like the other teams – as most
of our issues are common to onap.
https://wiki.onap.org/pages/viewpage.action?pageId=43385152
The table has 2 parts – the old baseline – which I would still like to go
over and the new section at the top which is the current CLM state.
There are 3 main areas:
* spring boot 2.x upgrade related (this is big and is the same issue the rest
of ONAP has around using 1.5.17 of the library – we are 1 of N for this)
* Jackson databind – all of ONAP has an issue with this library – there is
no good version – revisit an alternate in the near future
* Various jaxb, json, jms issues – half license related – most of these are
in the sdnc pomba repo – this one needs to be fixed – James and I will work on
this when we get time – along with the developers that put the most recent
changes in.
We also need some action on a couple of the TSC issues (nexus-iq alternatives,
clm access to nexus-iq and the wiki for contributors) that I raised jiras on.
/michael
From: Michael O'Brien
Sent: Wednesday, November 14, 2018 11:51 PM
To: 'Gildas Lanilis' <[email protected]>; FORSYTH, JAMES <[email protected]>; Lando,Michael <[email protected]>; [email protected]; TIMONEY, DAN <[email protected]>; [email protected]
Cc: ZWARICO, AMY <[email protected]>; Stephen Terrill <[email protected]>; [email protected]; 'Yunxia Chen' <[email protected]>
Subject: RE: Update S3P for TSC
Updating my page right now to redo all the false positive comments so they are
more clear and also up to date with the new CLM results.
A pass on other projects is also required – as per our discussion on the
moving target of CLM.
For example the oparent project states that their CLM issues are the
responsibility of the downstream projects.
I think either oparent keeps their versions current to fix CLM issues at the
root so downstream can pick up the fix – or oparent stops assigning versions
and leaves the CLM fix flexibility with the downstream projects. – the spring
version is fixed for example
/michael
From: Gildas Lanilis <[email protected]>
Sent: Wednesday, November 14, 2018 6:40 PM
To: FORSYTH, JAMES <[email protected]>; Michael O'Brien <[email protected]>; Lando,Michael <[email protected]>; [email protected]; TIMONEY, DAN <[email protected]>; [email protected]
Cc: ZWARICO, AMY <[email protected]>; Stephen Terrill <[email protected]>; [email protected]
Subject: FW: Update S3P for TSC
Importance: High
Hi Jimmy, Michael O, Michael L, Huabing, Dan, Tao,
Following up on Vulnerabilities for Casablanca.
At this point in the release, I tend to think these vulnerabilities are not
going to be fixed by code. However, I think what Amy, Pawel and Stephen would
like to hear is about the usage of these vulnerable functions by ONAP code.
Please let us know and update your wiki page accordingly.
*Amy, Pawel, Stephen, let me know if I have misinterpreted your thought
process.
Thanks,
Gildas
ONAP Release Manager
1 415 238 6287
From: ZWARICO, AMY <[email protected]>
Sent: Wednesday, November 14, 2018 12:06 PM
To: Gildas Lanilis <[email protected]>; LEFEVRE, CATHERINE <[email protected]>
Subject: FW: Update S3P for TSC
From: ZWARICO, AMY
Sent: Wednesday, November 14, 2018 1:58 PM
To: Stephen Terrill <[email protected]>; 'Pawlak Paweł 3 - Korpo' <[email protected]>
Cc: ZWARICO, AMY <[email protected]>
Subject: RE: Update S3P for TSC
I’m re-sending the two updated docs just in case.
From: ZWARICO, AMY
Sent: Wednesday, November 14, 2018 1:55 PM
To: 'Stephen Terrill' <[email protected]>; 'Pawlak Paweł 3 - Korpo' <[email protected]>
Subject: RE: Update S3P for TSC
As of 11/14 we do not have the completed vulnerability reports for the
following projects:
1. AAI (Pawel)
2. Logging (Amy)
3. MSB (Amy)
4. SDC (Stephen)
5. SDNC (Stephen)
We do not have answers about secure communication from the following projects:
1. UsecaseUI (Amy)
My updates are in the attached documents.
From: Stephen Terrill <[email protected]>
Sent: Wednesday, November 14, 2018 6:20 AM
To: 'Pawlak Paweł 3 - Korpo' <[email protected]>; ZWARICO, AMY <[email protected]>
Subject: Update S3P for TSC
Hi,
We should have an update of the security S3P. If you have updates, please
provide.
BR,
Steve
Stephen Terrill
Senior Expert, Automation and Management
TECHNOLOGY SPECIALIST
BDGS RDP Architecture & Technology
Phone: +34913393005
Mobile: +34609168515
[email protected]
Ericsson
C/ Via de los Poblados 13. B
28033, Madrid, Madrid
Spain
ericsson.com
“Amdocs’ email platform is based on a third-party, worldwide, cloud-based
system. Any emails sent to Amdocs will be processed and stored using such
system and are accessible by third party providers of such system on a limited
basis. Your sending of emails to Amdocs evidences your consent to the use of
such system and such processing, storing and access”.
This email and the information contained herein is proprietary and confidential
and subject to the Amdocs Email Terms of Service, which you may review at
https://www.amdocs.com/about/email-terms-of-service
View/Reply Online (#14089): https://lists.onap.org/g/onap-discuss/message/14089