============================
#openstack-meeting: security
============================


Meeting started by gagehugo at 15:01:59 UTC.  The full logs are
available at
http://eavesdrop.openstack.org/meetings/security/2020/security.2020-08-13-15.01.log.html
.



Meeting summary
---------------

* LINK: https://etherpad.opendev.org/p/security-agenda agenda
  (gagehugo, 15:03:03)
* https://bugs.launchpad.net/nova/+bug/1888722  (gagehugo, 15:07:10)

* security issue - some command injection vulnerability found and fixed
  (gagehugo, 15:15:35)
  * LINK: https://bugs.launchpad.net/cinder/+bug/1889055  (gagehugo,
    15:15:45)

* CVE-2020-11984 mod_proxy_uwsgi buffer overflow  (gagehugo, 15:28:50)
  * LINK: https://httpd.apache.org/security/vulnerabilities_24.html
    (gagehugo, 15:30:01)
  * CVE-2020-11984 may be a good opportunity for an OSSN to alert
    OpenStack deployers to potential risks in unpatched Apache
    mod_proxy_uwsgi  (fungi, 15:33:52)



Meeting ended at 15:41:27 UTC.



People present (lines said)
---------------------------

* gagehugo (19)
* fungi (19)
* openstack (5)



Generated by `MeetBot`_ 0.1.4