#openstack-meeting: security

Meeting started by gagehugo at 15:01:59 UTC (full logs).

Meeting summary

    1. https://etherpad.opendev.org/p/security-agenda agenda (gagehugo, 15:03:03)

  2. https://bugs.launchpad.net/nova/+bug/1888722 (gagehugo, 15:07:10)
  3. security issue - some command injection vulnerability found and fixed (gagehugo, 15:15:35)
    1. https://bugs.launchpad.net/cinder/+bug/1889055 (gagehugo, 15:15:45)

  4. CVE-2020-11984 mod_proxy_uwsgi buffer overflow (gagehugo, 15:28:50)
    1. https://httpd.apache.org/security/vulnerabilities_24.html (gagehugo, 15:30:01)
    2. CVE-2020-11984 may be a good opportunity for an OSSN to alert OpenStack deployers to potential risks in unpatched Apache mod_proxy_uwsgi (fungi, 15:33:52)


Meeting ended at 15:41:27 UTC (full logs).

Action items

  1. (none)


People present (lines said)

  1. gagehugo (19)
  2. fungi (19)
  3. openstack (5)


Generated by MeetBot 0.1.4.