Tuesday, 2015-01-20

« Monday, 2015-01-19 Index Wednesday, 2015-01-21 »
*** ljfisher has quit IRC00:00
*** bknudson has quit IRC00:01
*** nkinder has joined #openstack-security00:06
*** salv-orlando has quit IRC00:07
*** salv-orlando has joined #openstack-security00:07
*** tmcpeak has quit IRC00:52
*** salv-orlando has quit IRC00:55
*** bdpayne has quit IRC01:00
*** mohitsharma has joined #openstack-security01:01
*** mohitsha_ has joined #openstack-security01:03
*** mohitsharma has quit IRC01:06
*** _amrith_ is now known as amrith01:36
*** salv-orlando has joined #openstack-security01:58
*** bpokorny_ has quit IRC02:02
*** salv-orlando has quit IRC02:02
*** amrith is now known as _amrith_02:14
*** salv-orlando has joined #openstack-security02:16
*** salv-orlando has quit IRC02:21
*** _amrith_ is now known as amrith02:56
*** salv-orlando has joined #openstack-security03:03
*** salv-orlando has quit IRC03:04
*** Kinokoio has quit IRC03:30
*** mohitsha_ has quit IRC03:34
*** mohitsharma has joined #openstack-security03:47
*** amrith is now known as _amrith_04:05
*** mohitsha_ has joined #openstack-security04:11
*** mohitsharma has quit IRC04:14
*** mohitsha_ has quit IRC04:39
*** mohitsharma has joined #openstack-security05:08
*** mohitsha_ has joined #openstack-security06:27
*** mohitsharma has quit IRC06:27
*** nkinder has quit IRC06:32
*** mohitsha_ has quit IRC06:58
*** mohitsharma has joined #openstack-security06:59
*** mohitsharma has quit IRC07:40
*** mohitsharma has joined #openstack-security07:54
*** mohitsharma has quit IRC07:58
*** mohitsharma has joined #openstack-security08:08
*** mohitsharma has quit IRC08:09
*** mohitsharma has joined #openstack-security08:19
*** jamielennox is now known as jamielennox|away08:28
*** mohitsharma has quit IRC09:11
*** mohitsharma has joined #openstack-security09:15
*** vozcelik has quit IRC09:29
openstackgerritMerged openstack/security-doc: Change git to Git  https://review.openstack.org/14822809:57
*** mohitsharma has quit IRC10:07
*** mohitsharma has joined #openstack-security10:08
*** mohitsha_ has joined #openstack-security10:20
*** mohitsharma has quit IRC10:20
*** tkelsey has joined #openstack-security10:36
*** mohitsha_ has quit IRC11:07
*** mohitsharma has joined #openstack-security11:13
*** mohitsharma has quit IRC11:25
*** Kinokoio has joined #openstack-security11:32
*** _amrith_ is now known as amrith12:07
*** pcaruana has joined #openstack-security12:17
*** salv-orlando has joined #openstack-security12:43
*** salv-orlando has quit IRC13:17
*** salv-orlando has joined #openstack-security13:24
*** salv-orlando has quit IRC13:24
*** salv-orlando has joined #openstack-security13:25
*** Kinokoio has quit IRC13:29
*** amrith is now known as _amrith_13:31
*** salv-orlando has quit IRC13:31
*** salv-orlando has joined #openstack-security13:32
*** ljfisher has joined #openstack-security13:49
*** paulmo has joined #openstack-security14:12
*** mvangund has joined #openstack-security14:31
*** mvangund is now known as singlethink14:31
*** _amrith_ is now known as amrith14:39
*** tmcpeak has joined #openstack-security14:43
*** dave-mccowan has joined #openstack-security15:03
*** mohitsharma has joined #openstack-security15:07
*** tmcpeak has quit IRC15:11
*** tmcpeak has joined #openstack-security15:16
*** voodookid has joined #openstack-security15:18
*** voodookid has quit IRC15:23
*** mohitsharma has quit IRC15:24
*** voodookid has joined #openstack-security15:38
*** sicarie has joined #openstack-security16:00
*** bknudson has joined #openstack-security16:39
openstackgerritOpenStack Proposal Bot proposed openstack/security-doc: Updated from openstack-manuals  https://review.openstack.org/14865917:17
*** bdpayne has joined #openstack-security17:38
*** openfly has joined #openstack-security17:58
openflyAre the OSSA's available anywhere in a db or parseable format?17:58
*** bknudson has left #openstack-security17:59
*** bknudson has joined #openstack-security17:59
*** pcaruana has quit IRC18:00
tmcpeakopenfly: good question, not that I know of18:03
*** bpokorny has joined #openstack-security18:04
openflyi did up to 2012 for a summit talk in 2012...18:07
openflybut it ended up being a lot of manual data entry18:07
openflythe emails were not programatically parseable18:07
openflymaybe they have gotten better =/18:07
tmcpeakopenfly: yeah, would be a cool idea for a summit talk18:08
tmcpeakAFAIK it has not improved18:08
tmcpeakprobably still a lot of manual effort18:08
openfly=/18:08
tmcpeakbuild one?18:09
tmcpeak:)18:09
openflystill have the json for up to 201218:09
openflyjust... it took me like 2 days to compile that far last time18:09
openflyit's a total time sink18:09
tmcpeakI bet, it's probably way worse this time18:09
openflyprobably18:09
openfly3 more years with a lot of vulns reported...18:09
tmcpeakyeah, OpenStack has a lot more traction so I think vulns are accelerating18:10
openflyyes and no18:10
openflyearly dev work generated a LOT of nasty vulns18:10
openflykeystone for a while there was just privilege escalation after escalation and failure to lock out accounts18:11
openflywe'd know if we could parse the data =P18:11
tmcpeakhmm, yeah good point.  Devs gaining experience and learning from mistakes18:11
openstackgerritMerged openstack/security-doc: Updated from openstack-manuals  https://review.openstack.org/14865918:12
openflyman i'm going to have to grab one of the lists the OSSAs are posted to and cull them all.18:12
openflyi guess maybe announce will be best18:12
openflyoh shit18:12
tmcpeaktime to hack up a script :)18:12
openflylist came through18:12
openflyhttp://git.openstack.org/cgit/openstack/ossa/tree/ossa18:12
tmcpeakoh nice!18:13
openflyftr ossa's are only a subset of openstack vulnerabilities18:17
openflysome of the distros have their own problems as do supporting software stacks18:18
openflyand they don't end up in OSSAs18:18
openfly=/18:18
tmcpeakyeah, still - at least having the OSSA's in one place and parseable is nice18:19
openflyyup18:21
openflynow to parse em and get some fun graphs!18:21
*** Kinokoio has joined #openstack-security18:21
*** bpokorny_ has joined #openstack-security18:31
*** bknudson has quit IRC18:32
*** bpokorny has quit IRC18:34
openflyheh exactly 100 OSSAs18:39
openflywe should have a cake or something.18:39
*** bpokorny has joined #openstack-security18:40
*** tkelsey has quit IRC18:43
*** bpokorny_ has quit IRC18:43
*** Kinokoio has quit IRC18:51
*** tmcpeak has quit IRC19:30
*** bdpayne has quit IRC19:51
*** ljfisher has quit IRC19:52
*** ljfisher has joined #openstack-security19:52
*** bdpayne has joined #openstack-security20:13
*** bknudson has joined #openstack-security20:29
*** ljfisher has quit IRC20:41
*** salv-orlando has quit IRC20:45
*** Mister has joined #openstack-security20:47
*** Mister has left #openstack-security20:48
*** bpokorny_ has joined #openstack-security21:00
*** bpokorny has quit IRC21:03
*** salv-orlando has joined #openstack-security21:08
*** salv-orlando has quit IRC21:09
*** salv-orlando has joined #openstack-security21:10
*** amrith is now known as _amrith_21:10
*** tmcpeak has joined #openstack-security21:20
*** paulmo has quit IRC21:48
tmcpeakopenfly: lol21:48
*** jeblair has quit IRC21:51
*** dave-mccowan has quit IRC22:07
*** bpokorny has joined #openstack-security22:25
*** bpokorny_ has quit IRC22:29
*** gabriela has joined #openstack-security22:56
gabrielaholaz22:58
*** gabriela has left #openstack-security22:58
*** sicarie has quit IRC23:00
*** bknudson has quit IRC23:26
*** jamielennox|away is now known as jamielennox23:36
*** singlethink has quit IRC23:52
« Monday, 2015-01-19 Index Wednesday, 2015-01-21 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!