Tuesday, 2020-08-11

*** Jackneill has quit IRC01:08
*** Jackneill has joined #openstack-security01:20
*** gyee has quit IRC02:11
*** rcernin has quit IRC02:37
*** rcernin has joined #openstack-security02:48
*** irclogbot_0 has quit IRC03:05
*** irclogbot_3 has joined #openstack-security03:07
*** rcernin has quit IRC03:54
*** rcernin has joined #openstack-security04:22
*** rcernin has quit IRC09:11
*** rcernin has joined #openstack-security09:34
*** markvoelker has joined #openstack-security09:45
*** markvoelker has quit IRC09:49
*** rcernin has quit IRC09:56
*** markvoelker has joined #openstack-security10:52
*** markvoelker has quit IRC10:56
*** rcernin has joined #openstack-security11:31
*** markvoelker has joined #openstack-security11:35
*** markvoelker has quit IRC11:40
*** Luzi has joined #openstack-security12:55
*** Luzi has quit IRC13:00
*** dave-mccowan has joined #openstack-security13:10
*** dave-mccowan has quit IRC13:29
*** rcernin has quit IRC14:08
*** rcernin has joined #openstack-security14:19
*** rcernin has quit IRC14:24
*** sean-k-mooney has joined #openstack-security15:20
fungi  ohai15:21
sean-k-mooneyhi i have a public bug that potentially has security impacts, at this point there is no point in moving it to security since its been public since 2020-06-2915:21
sean-k-mooneyshould i mark it as public security or what the best way to approch it15:21
fungiwhat's the bug number? i'll take a look and add an ossa bugtask et cetera15:21
openstackLaunchpad bug 1885558 in OpenStack Compute (nova) "sriov: instance with macvtap vnic_type live migration failed" [High,In progress] - Assigned to renminmin (rmm0811)15:22
fungihttps://security.openstack.org/vmt-process.html also talks about how we handle issues reported in public vs in private15:22
sean-k-mooneyah good ill take a look at that. the bug as described is not intially obviously a security issue but there are other failure modes that kind of are15:23
sean-k-mooneyanyway ill read that now15:23
fungiyeah, you could open a separate private security bug for nova detailing the non-obvious risks it poses, and then we can mark them as duplicates when the second bug is made public15:24
fungithough unless the impact is really severe, handling it in public is probably better anyway15:25
sean-k-mooneysure i can do that. am i can pm you a short description too i would prefer not to say it on the open channel15:25
fungiyeah, no problem15:27
*** gyee has joined #openstack-security19:59
*** openstackgerrit has quit IRC20:52
-openstackstatus- NOTICE: The openstackgerrit IRC bot (gerritbot) will be offline for a short period while we redeploy it on a new server20:53
*** rcernin has joined #openstack-security22:46

Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!