=============================
#openstack-security: security
=============================


Meeting started by fungi at 15:00:18 UTC.  The full logs are available
at
https://meetings.opendev.org/meetings/security/2022/security.2022-05-05-15.00.log.html
.



Meeting summary
---------------

* LINK: https://etherpad.opendev.org/p/security-agenda  (fungi,
  15:01:22)
* PTG recap  (fungi, 15:03:28)
  * LINK: https://etherpad.opendev.org/p/security-sig-ptg-zed  (fungi,
    15:05:17)
  * ACTION: fungi adjust the repos-overseen doc to also mention the vmt
    is available to assist projects even if their repos are not
    explicitly opted into oversight  (fungi, 15:09:36)

* Interim SIG chair  (fungi, 15:12:02)
  * LINK:
    http://lists.openstack.org/pipermail/openstack-discuss/2022-April/028251.html
    (fungi, 15:13:03)
  * LINK: https://review.opendev.org/839632  (fungi, 15:15:43)
  * ACTION: fungi push/amend sig chair update changes  (fungi, 15:16:44)

* Activities: retiring security-analysis repository  (fungi, 15:19:36)
  * ACTION: fungi send an announcement to the openstack-discuss list
    about moving documentation out of security-analysis to individual
    project repos  (fungi, 15:21:58)
  * ACTION: fungi follow retirement process from project teams
    guide/infra manual to retire security-analysis  (fungi, 15:22:24)

* Activities: horizon xstatic javascript library wrappers plan  (fungi,
  15:24:32)
  * ACTION: fungi initiate openstack-discuss thread on the topic of
    xstatic packages and js dependency handling  (fungi, 15:29:44)

* Activities: removing references to defunct security blog  (fungi,
  15:31:19)
  * ACTION: fungi propose change to remove security blog references from
    ossa repo  (fungi, 15:36:53)

* Recently public security bug reports  (fungi, 15:38:08)
  * LINK: https://launchpad.net/bugs/1970932  (fungi, 15:38:52)

* Recent vulnerabilities in or related to OpenStack  (fungi, 15:42:02)
  * LINK: https://www.openwall.com/lists/oss-security/2022/05/05/1
    (fungi, 15:42:36)
  * LINK: https://www.openwall.com/lists/oss-security/2022/05/05/2
    (fungi, 15:42:47)

* Anything else?  (fungi, 15:46:57)



Meeting ended at 15:50:59 UTC.



Action items, by person
-----------------------

* fungi
  * fungi adjust the repos-overseen doc to also mention the vmt is
    available to assist projects even if their repos are not explicitly
    opted into oversight
  * fungi push/amend sig chair update changes
  * fungi send an announcement to the openstack-discuss list about
    moving documentation out of security-analysis to individual project
    repos
  * fungi follow retirement process from project teams guide/infra
    manual to retire security-analysis
  * fungi initiate openstack-discuss thread on the topic of xstatic
    packages and js dependency handling
  * fungi propose change to remove security blog references from ossa
    repo



People present (lines said)
---------------------------

* fungi (63)
* gagehugo (4)
* opendevmeet (3)
* d34dh0r53 (2)
* dmendiza[m] (1)



Generated by `MeetBot`_ 0.1.4