#openstack-security: security
Meeting started by fungi at 15:00:18 UTC
(full logs).
Meeting summary
-
- https://etherpad.opendev.org/p/security-agenda
(fungi,
15:01:22)
- PTG recap (fungi, 15:03:28)
- https://etherpad.opendev.org/p/security-sig-ptg-zed
(fungi,
15:05:17)
- ACTION: fungi adjust
the repos-overseen doc to also mention the vmt is available to
assist projects even if their repos are not explicitly opted into
oversight (fungi,
15:09:36)
- Interim SIG chair (fungi, 15:12:02)
- http://lists.openstack.org/pipermail/openstack-discuss/2022-April/028251.html
(fungi,
15:13:03)
- https://review.opendev.org/839632
(fungi,
15:15:43)
- ACTION: fungi
push/amend sig chair update changes (fungi,
15:16:44)
- Activities: retiring security-analysis repository (fungi, 15:19:36)
- ACTION: fungi send an
announcement to the openstack-discuss list about moving
documentation out of security-analysis to individual project
repos (fungi,
15:21:58)
- ACTION: fungi follow
retirement process from project teams guide/infra manual to retire
security-analysis (fungi,
15:22:24)
- Activities: horizon xstatic javascript library wrappers plan (fungi, 15:24:32)
- ACTION: fungi
initiate openstack-discuss thread on the topic of xstatic packages
and js dependency handling (fungi,
15:29:44)
- Activities: removing references to defunct security blog (fungi, 15:31:19)
- ACTION: fungi propose
change to remove security blog references from ossa repo
(fungi,
15:36:53)
- Recently public security bug reports (fungi, 15:38:08)
- https://launchpad.net/bugs/1970932
(fungi,
15:38:52)
- Recent vulnerabilities in or related to OpenStack (fungi, 15:42:02)
- https://www.openwall.com/lists/oss-security/2022/05/05/1
(fungi,
15:42:36)
- https://www.openwall.com/lists/oss-security/2022/05/05/2
(fungi,
15:42:47)
- Anything else? (fungi, 15:46:57)
Meeting ended at 15:50:59 UTC
(full logs).
Action items
- fungi adjust the repos-overseen doc to also mention the vmt is available to assist projects even if their repos are not explicitly opted into oversight
- fungi push/amend sig chair update changes
- fungi send an announcement to the openstack-discuss list about moving documentation out of security-analysis to individual project repos
- fungi follow retirement process from project teams guide/infra manual to retire security-analysis
- fungi initiate openstack-discuss thread on the topic of xstatic packages and js dependency handling
- fungi propose change to remove security blog references from ossa repo
Action items, by person
- fungi
- fungi adjust the repos-overseen doc to also mention the vmt is available to assist projects even if their repos are not explicitly opted into oversight
- fungi push/amend sig chair update changes
- fungi send an announcement to the openstack-discuss list about moving documentation out of security-analysis to individual project repos
- fungi follow retirement process from project teams guide/infra manual to retire security-analysis
- fungi initiate openstack-discuss thread on the topic of xstatic packages and js dependency handling
- fungi propose change to remove security blog references from ossa repo
People present (lines said)
- fungi (63)
- gagehugo (4)
- opendevmeet (3)
- d34dh0r53 (2)
- dmendiza[m] (1)
Generated by MeetBot 0.1.4.