#openstack-meeting: security

Meeting started by gagehugo at 15:01:43 UTC (full logs).

Meeting summary

    1. https://etherpad.opendev.org/p/security-agenda agenda (gagehugo, 15:02:01)
    2. https://launchpad.net/bugs/1895688 Authenticated RCE in blazar-dashboard (fungi, 15:05:47)

  2. Authenticated RCE in blazar-dashboard via python expression in POST parameters (gagehugo, 15:07:20)
    1. https://bugs.launchpad.net/blazar/+bug/1895688 (gagehugo, 15:07:27)
    2. https://security.openstack.org/vmt-process.html#send-cve-request (gagehugo, 15:14:40)
    3. https://security.openstack.org/vmt-process.html#send-cve-request cve request instructions (fungi, 15:15:03)
    4. https://security.openstack.org/vmt-process.html#openstack-security-advisories-ossa template for ossa metadata (fungi, 15:16:00)
    5. https://security.openstack.org/ossa/OSSA-2020-006.html#affects example affected version ranges list (fungi, 15:21:23)

  3. horizon bug (gagehugo, 15:30:48)
    1. https://bugs.launchpad.net/horizon/+bug/1898465 (gagehugo, 15:30:53)

  4. open discussion (gagehugo, 15:36:49)
    1. https://bugs.launchpad.net/keystonemiddleware/+bug/1892852 (gagehugo, 15:38:20)
    2. https://bugs.launchpad.net/keystonemiddleware/+bug/1883659 (gagehugo, 15:38:50)


Meeting ended at 15:45:26 UTC (full logs).

Action items

  1. (none)


People present (lines said)

  1. fungi (33)
  2. gagehugo (32)
  3. priteau (15)
  4. openstack (8)


Generated by MeetBot 0.1.4.