#openstack-security: security

Meeting started by fungi at 15:05:05 UTC (full logs).

Meeting summary

    1. https://etherpad.opendev.org/p/security-agenda Meeting Agenda (fungi, 15:05:30)

  2. Prior actions (fungi, 15:05:51)
    1. https://review.opendev.org/844444 (openstack/ossa) repos-overseen: VMT is happy to assist any project (fungi, 15:06:23)
    2. https://review.opendev.org/844446 (openstack/governance-sigs) Security SIG chair rotation (fungi, 15:06:59)
    3. https://review.opendev.org/844448 (opendev/irc-meetings) Security SIG chair rotation (fungi, 15:07:15)
    4. https://review.opendev.org/844451 (openstack/ossa) Drop references for the old security blog (fungi, 15:07:46)
    5. https://lists.openstack.org/pipermail/openstack-discuss/2022-June/028816.html Retiring security-analysis process and repo (fungi, 15:08:23)
    6. https://review.opendev.org/844463 (openstack/governance) Remove security-analysis repo from Security SIG (fungi, 15:08:53)
    7. https://review.opendev.org/844468 (openstack/security-doc) Use permalink for Barbican security analysis (fungi, 15:09:09)
    8. https://review.opendev.org/844490 (openstack/security-analysis) Retirement Step 2: Remove Project Content (fungi, 15:09:23)
    9. ACTION: fungi complete retirement process for security-analysis (fungi, 15:10:04)
    10. ACTION: fungi add new volunteers to review groups (fungi, 15:12:54)
    11. ACTION: fungi initiate openstack-discuss thread on the topic of xstatic packages and js dependency handling (fungi, 15:13:19)

  3. Activities: Publishing OSSNs (fungi, 15:14:28)
    1. https://opendev.org/openstack/security-doc/src/branch/master/security-notes Security Notes in Git (fungi, 15:15:16)
    2. https://wiki.openstack.org/wiki/OSSN Security Notes in Wiki (fungi, 15:15:37)

  4. Recently public security bug reports (fungi, 15:21:39)
    1. https://launchpad.net/bugs/1975830 Horizon doesn't provide ACL on Instance level (fungi, 15:22:24)

  5. Recent vulnerabilities in or related to OpenStack (fungi, 15:25:32)
  6. Anything else? (fungi, 15:30:33)
    1. https://openinfra.dev/summit-schedule#track=390&view=calendar OpenInfra Summit Security Track Sessions (fungi, 15:34:42)


Meeting ended at 15:45:06 UTC (full logs).

Action items

  1. fungi complete retirement process for security-analysis
  2. fungi add new volunteers to review groups
  3. fungi initiate openstack-discuss thread on the topic of xstatic packages and js dependency handling


Action items, by person

  1. fungi
    1. fungi complete retirement process for security-analysis
    2. fungi add new volunteers to review groups
    3. fungi initiate openstack-discuss thread on the topic of xstatic packages and js dependency handling


People present (lines said)

  1. fungi (63)
  2. opendevmeet (3)
  3. gagehugo (2)
  4. d34dh0r53 (2)


Generated by MeetBot 0.1.4.