15:00:37 #startmeeting security 15:00:37 Meeting started Thu Jan 6 15:00:37 2022 UTC and is due to finish in 60 minutes. The chair is gagehugo. Information about MeetBot at http://wiki.debian.org/MeetBot. 15:00:37 Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 15:00:37 The meeting name has been set to 'security' 15:00:43 #link https://etherpad.opendev.org/p/security-agenda agenda 15:00:46 o/ 15:01:26 ohai 15:04:39 I was out for the last 2 weeks of Dec so I don't really have any major updates. I didn't see a response about the security-specs repo so I assume we can move forward with retiring it. 15:06:25 yes, i assume the same 15:11:25 fungi: any updates on your end? 15:12:28 i started a thread on the ml about log4j vulnerabilities as they relate to openstack 15:13:03 mainly trying to gather info from the broader community on any situations they know about where vulnerable software is used in conjunction with openstack deployments 15:13:42 though i've really only received questions from two users about it, so not exactly a flood of people asking 15:16:51 not too many java apps in openstack 15:17:01 yeah, approximately none 15:17:11 but people like to use things like elasticsearch 15:17:27 or maybe someone is running a minecraft server on openstack 15:18:43 #link https://lists.openstack.org/pipermail/openstack-discuss/2022-January/026490.html Log4j vulnerabilities and OpenStack 15:18:54 in case anyone's looking for it 15:33:00 thanks fungi 15:33:44 Have a good rest of the week! 15:33:46 #endmeeting