Friday, 2016-03-18

« Thursday, 2016-03-17 Index Saturday, 2016-03-19 »
*** avarner_ has quit IRC00:00
*** JAHoagie has quit IRC00:08
*** edtubill has joined #openstack-security00:30
*** bpokorny_ has joined #openstack-security00:43
*** bpokorny has quit IRC00:46
*** bpokorny_ has quit IRC00:47
*** edmondsw has quit IRC00:52
*** tmcpeak has joined #openstack-security01:01
*** edtubill has quit IRC01:09
*** browne has quit IRC01:12
*** edtubill has joined #openstack-security01:14
*** salv-orlando has joined #openstack-security01:16
*** tmcpeak has joined #openstack-security01:17
*** salv-orlando has quit IRC01:17
*** salv-orlando has joined #openstack-security01:18
*** salv-orl_ has quit IRC01:19
*** salv-orlando has quit IRC01:22
openstackgerritBrian Moss proposed openstack/security-doc: Adding section about selecting supporting software  https://review.openstack.org/28916001:22
openstackgerritMerged openstack/security-doc: Correct the glossary markups with reference to new glossary terms  https://review.openstack.org/29097001:46
*** pdesai has joined #openstack-security01:51
*** pdesai has quit IRC02:04
*** browne has joined #openstack-security02:12
*** edtubill has quit IRC02:16
*** edtubill has joined #openstack-security02:16
*** edtubill has quit IRC02:22
*** edtubill has joined #openstack-security02:26
*** edtubill has quit IRC02:35
*** tmcpeak has quit IRC02:44
*** markvoelker has joined #openstack-security02:55
*** markvoelker has quit IRC03:01
*** salv-orlando has joined #openstack-security03:56
*** jass93 has joined #openstack-security04:02
*** jass93_ has quit IRC04:04
*** salv-orlando has quit IRC04:10
*** dave-mccowan has quit IRC04:21
*** markvoelker has joined #openstack-security04:47
*** markvoelker has quit IRC04:51
*** gmurphy has quit IRC04:54
*** gmurphy has joined #openstack-security04:56
*** salv-orlando has joined #openstack-security05:23
*** salv-orlando has quit IRC05:34
*** pcaruana has quit IRC06:18
*** salv-orlando has joined #openstack-security06:33
*** rcernin has joined #openstack-security06:37
*** salv-orlando has quit IRC06:41
*** markvoelker has joined #openstack-security06:48
*** markvoelker has quit IRC06:52
*** salv-orlando has joined #openstack-security07:14
*** salv-orl_ has joined #openstack-security07:16
*** salv-orlando has quit IRC07:19
*** y_sawai has joined #openstack-security07:49
*** pcaruana has joined #openstack-security07:57
*** salv-orl_ has quit IRC08:03
*** browne has quit IRC08:03
*** tesseract has joined #openstack-security08:20
*** tesseract is now known as Guest5995408:21
*** Guest59954 is now known as new08:25
*** new has quit IRC08:26
*** tesseract- has joined #openstack-security08:26
*** tkelsey has joined #openstack-security08:56
*** tkelsey has quit IRC09:00
*** tkelsey has joined #openstack-security09:01
*** JAHoagie has joined #openstack-security09:02
*** JAHoagie has quit IRC09:06
*** y_sawai has quit IRC09:22
*** y_sawai has joined #openstack-security09:23
*** salv-orlando has joined #openstack-security09:24
ykotko@tkelsey: https://bugs.launchpad.net/bandit/+bug/1554112 I have updated the bug09:46
openstackLaunchpad bug 1554112 in Bandit "After excluding plugin from the bandit.yaml it still was used during the scaning" [Critical,Confirmed] - Assigned to Tim Kelsey (tim-kelsey)09:46
tkelseyykotko: awesome! I'll take a look :) thanks09:47
tkelseyykotko: im just confirming now, but I think this is actually fixed in master now, so the problem should go away with the next release09:55
ykotkocan you backport the patch?09:56
ykotko*cherry pick09:56
tkelseyi'll have to find the patch that fixed it, since we didn't spot this bug ourselves I'm not sure when it was fixed, I think we need to push a new release soon (like today) will that be OK for you?09:57
*** JAHoagie has joined #openstack-security10:02
*** agireud has quit IRC10:03
*** agireud has joined #openstack-security10:05
*** JAHoagie has quit IRC10:06
ykotko@tkelsey: thanks10:40
tkelseyykotko: your welcome, thanks for the bug report10:40
*** y_sawai has quit IRC10:56
*** JAHoagie has joined #openstack-security11:03
*** JAHoagie has quit IRC11:07
openstackgerritOpenStack Proposal Bot proposed openstack/security-doc: Updated from openstack-manuals  https://review.openstack.org/29452611:22
*** Mainus has joined #openstack-security11:34
*** Mainus has left #openstack-security11:35
openstackgerritTim Kelsey proposed openstack/bandit: Breaking up blacklist import IDs  https://review.openstack.org/29453811:50
openstackgerritTim Kelsey proposed openstack/bandit: Breaking up blacklist import IDs  https://review.openstack.org/29453811:51
openstackgerritTim Kelsey proposed openstack/bandit: Breaking up blacklist import IDs  https://review.openstack.org/29453811:55
*** JAHoagie has joined #openstack-security12:02
*** dave-mccowan has joined #openstack-security12:05
*** JAHoagie has quit IRC12:07
*** edmondsw has joined #openstack-security12:16
*** markvoelker has joined #openstack-security12:32
*** ninag has joined #openstack-security12:42
*** openstackgerrit has quit IRC12:48
*** openstackgerrit has joined #openstack-security12:48
*** mvaldes has joined #openstack-security12:55
*** alejandrito has joined #openstack-security12:56
*** mvaldes1 has joined #openstack-security12:58
*** tesseract- has quit IRC12:59
*** mvaldes has quit IRC13:00
*** JAHoagie has joined #openstack-security13:02
*** salv-orlando has quit IRC13:06
*** JAHoagie has quit IRC13:06
*** tesseract has joined #openstack-security13:08
*** tesseract is now known as Guest8468813:08
*** cjschaef has joined #openstack-security13:11
*** JAHoagie has joined #openstack-security13:20
*** JAHoagie has quit IRC13:25
*** cleong has joined #openstack-security13:35
*** ametts has joined #openstack-security13:37
*** JAHoagie has joined #openstack-security13:38
*** rcernin has quit IRC14:01
*** avarner_ has joined #openstack-security14:02
*** sigmavirus24_awa is now known as sigmavirus2414:12
*** Trident has quit IRC14:13
*** Trident has joined #openstack-security14:14
*** edtubill has joined #openstack-security14:16
*** JAHoagie has quit IRC14:19
openstackgerritTim Kelsey proposed openstack/bandit: Improving config generator script  https://review.openstack.org/29461614:22
*** mvaldes has joined #openstack-security14:27
*** mvaldes1 has quit IRC14:27
*** pcaruana has quit IRC14:38
openstackgerritTim Kelsey proposed openstack/bandit: Blacklists now check node types are valid  https://review.openstack.org/28136514:44
*** Guest84688 has quit IRC14:48
*** ametts has quit IRC14:57
*** tesseract has joined #openstack-security15:00
*** tesseract is now known as Guest7688315:00
*** cleong has quit IRC15:01
*** bpokorny has joined #openstack-security15:02
*** salv-orlando has joined #openstack-security15:10
elmikosigmavirus24: what do you think about reviewable.io, have you been liking it?15:11
sigmavirus24eh15:11
sigmavirus24it's a bit annoying15:11
sigmavirus24but it's okay15:11
elmikoyea, i'm having trouble adjusting to it15:12
elmikomaybe i'm too used to gerrit15:12
sigmavirus24it has too many b.s. animations15:14
sigmavirus24that's what irks me most15:14
elmikooh gawds, those butterflies15:15
*** salv-orlando has quit IRC15:24
*** agireud has quit IRC15:42
*** agireud has joined #openstack-security15:44
*** mvaldes1 has joined #openstack-security15:57
*** mvaldes has quit IRC15:57
*** tmcpeak has joined #openstack-security16:01
*** ccneill_ has joined #openstack-security16:01
*** bpokorny has quit IRC16:02
*** bpokorny has joined #openstack-security16:13
*** mvaldes1 has quit IRC16:14
*** tmcpeak has quit IRC16:18
*** tmcpeak has joined #openstack-security16:20
*** tmcpeak has quit IRC16:22
*** tmcpeak has joined #openstack-security16:24
*** avarner_ has quit IRC16:27
*** browne has joined #openstack-security16:35
*** salv-orlando has joined #openstack-security16:41
*** browne has quit IRC16:41
*** browne has joined #openstack-security16:43
tkelseytmcpeak: ping?16:45
tmcpeakyo16:46
tmcpeaktkelsey: whatup16:46
tkelseyhey man, so im thinking we need to push a bandit version16:46
tmcpeakin the 17.x branch?16:46
tkelseynah, probs just do 0.1816:47
tmcpeakwhy?16:47
tmcpeakwe're close enough to 1.0 why not just wait?16:47
tmcpeakwe're just bugfixing at this pint16:47
tmcpeakpoint16:47
tkelseythere are some bugs in 17.3 that are not in master that people are asking about/reporting16:47
tmcpeakalso I don't think we're stable enough to release right now16:47
tmcpeakahhh16:47
*** pcaruana has joined #openstack-security16:48
tkelseythe one from ykotko for example16:48
tmcpeakso I'm not opposed to releasing, but what will we release?16:48
tmcpeakmaster is pretty flaky16:48
tkelseyhummm, well whats flaky on your radar ?16:48
tkelseymost of the stuff in LP has fix submitted16:48
tmcpeakyeah good Q16:49
tmcpeakactually I guess it's not so flaky anymore16:49
tmcpeakif it doesn't break Keystone I'm happy16:49
tmcpeakI guess we have integration tests to check for that anyway16:49
tkelseythere is one thing I need to fix, but otherwise im happy to push master out.... yeah we should check that, the (fixed) integration tests look good for keystone as well16:50
tkelseybrowne: are you about?16:50
browneyep16:50
tkelseyhey, so I am thinking of pushing a new bandit release to address some of the 0.17.x bugs16:51
tkelseyhow the integration tests looking? you mentioned there was a patch that still needed to merge?16:51
*** salv-orlando has quit IRC16:51
browneyep, waiting on https://review.openstack.org/#/c/286506/16:52
brownebut we could make another patch set update to it to hurry it along16:52
tkelseyah yeah that one16:52
brownei really want the integration piece working16:52
tkelseyyeah your right, its very important16:53
*** salv-orlando has joined #openstack-security16:53
*** bpokorny_ has joined #openstack-security16:53
tkelseywell lets give gcb some time to update that patch I guess16:53
*** bpokorny_ has quit IRC16:54
tkelseyI can hold off till monday for the bandit release, its just that we are getting reports of bugs that are fixed in master showing up16:54
*** bpokorny_ has joined #openstack-security16:54
browneunderstood.  i'll try to take some time today to work on gcb's patch and get approvals16:54
tkelseybrowne: excellent, thank you :)16:55
*** bpokorny has quit IRC16:56
tkelseyI'll hold off till monday evening (UK time, so morning US) and see what the state of things are for a release16:56
brownesounds good16:56
tkelseyok, thanks guys :)16:56
*** avarner_ has joined #openstack-security16:58
tkelseybrowne tmcpeak, if have free time can you also check out https://review.openstack.org/#/c/294538/ please, since it changes some of the IDs I would like it to merge/die before any new release17:03
tmcpeakyep, looking at that17:05
browneso will the ID change break existing exploiters17:05
tkelseyyes, but since we didn't release anything with test IDs (did 0.17.3 have them ?) that should be OK.17:06
tmcpeakyeah agreed, should be ok17:06
tkelseyjust checked, 0.17.3 didnt have them\17:08
openstackgerritChristopher J Schaefer proposed openstack/bandit: Moving test summary to end of screen results  https://review.openstack.org/29472417:10
*** browne has quit IRC17:19
*** browne has joined #openstack-security17:25
browneyes we didn't release anything with IDs but what about plugin names17:29
brownebefore we had a blacklist_calls and blacklist_imports and then within that plugin you could choose which imports to raise issues on17:29
browneso if someone only wanted to flag pickle in their bandit.yaml, i think their config might not work the same as today.17:30
brownebut maybe this is something we can live with.17:30
tkelseybrowne: i see your point, but I think its OK. The legacy blacklist data will override the new stuff completely if its there. The previous set of IDs would mean we cant filter blacklists as finely as we can with the old system, hence this patch17:54
browneok then.  i'll +W17:54
tkelseyawesome, thanks17:54
openstackgerritChristopher J Schaefer proposed openstack/bandit: Adding debug tox testenv for bandit  https://review.openstack.org/29474218:04
*** bpokorny_ has quit IRC18:07
*** bpokorny has joined #openstack-security18:07
openstackgerritMerged openstack/bandit: Breaking up blacklist import IDs  https://review.openstack.org/29453818:09
*** bpokorny has quit IRC18:11
*** bpokorny has joined #openstack-security18:12
*** ccneill_ has quit IRC18:14
*** Guest76883 has quit IRC18:15
*** ccneill_ has joined #openstack-security18:15
*** mvaldes has joined #openstack-security18:41
*** mvaldes1 has joined #openstack-security18:43
*** mvaldes has quit IRC18:45
*** bpokorny_ has joined #openstack-security18:53
*** bpokorny_ has quit IRC18:54
*** bpokorny has quit IRC18:57
*** bpokorny has joined #openstack-security18:58
*** ibravo has joined #openstack-security19:02
*** ccneill_ is now known as ccneill19:27
openstackgerritMerged openstack/bandit: Improving config generator script  https://review.openstack.org/29461619:31
openstackgerritChristopher J Schaefer proposed openstack/bandit: Moving test summary to end of screen results  https://review.openstack.org/29472419:36
*** tkelsey has quit IRC19:38
*** bpokorny has quit IRC20:06
*** bpokorny has joined #openstack-security20:24
*** ninag has quit IRC20:28
*** ccneill has quit IRC20:29
*** alejandrito has quit IRC20:37
*** avarner_ has quit IRC20:55
*** ninag has joined #openstack-security21:02
openstackgerritMerged openstack/bandit: Adding debug tox testenv for bandit  https://review.openstack.org/29474221:03
*** mvaldes1 has quit IRC21:06
*** ninag has quit IRC21:07
*** mvaldes has joined #openstack-security21:07
*** Aftergl0w has joined #openstack-security21:24
*** yarkot1 has joined #openstack-security21:24
*** Afterglow has quit IRC21:25
*** yarkot has quit IRC21:25
*** Aftergl0w is now known as Afterglow21:25
*** Afterglow has quit IRC21:25
*** Afterglow has joined #openstack-security21:25
*** edmondsw has quit IRC21:26
*** dstufft has quit IRC21:26
*** redrobot has quit IRC21:26
*** dstufft has joined #openstack-security21:26
*** edmondsw has joined #openstack-security21:26
*** redrobot has joined #openstack-security21:29
*** redrobot is now known as Guest9839921:29
*** Guest98399 is now known as redrobot21:37
*** mvaldes has quit IRC21:54
*** cjschaef has quit IRC21:59
*** sigmavirus24 is now known as sigmavirus24_awa22:00
*** jass93_ has joined #openstack-security22:02
*** jass93 has quit IRC22:02
*** edmondsw has quit IRC22:11
*** edtubill has quit IRC22:13
*** salv-orl_ has joined #openstack-security22:28
*** salv-orlando has quit IRC22:30
*** tmcpeak has quit IRC22:41
*** tmcpeak has joined #openstack-security22:51
*** hyakuhei has joined #openstack-security23:04
*** hyakuhei has quit IRC23:05
*** tmcpeak has quit IRC23:35
*** markvoelker has quit IRC23:44
« Thursday, 2016-03-17 Index Saturday, 2016-03-19 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!