=============================
#openstack-security: security
=============================


Meeting started by fungi at 15:02:00 UTC.  The full logs are available
at
https://meetings.opendev.org/meetings/security/2022/security.2022-09-01-15.02.log.html
.



Meeting summary
---------------

* LINK: https://etherpad.opendev.org/p/security-agenda Meeting Agenda
  (fungi, 15:02:33)
* Prior Actions  (fungi, 15:02:48)
  * LINK:
    https://meetings.opendev.org/meetings/security/2022/security.2022-07-07-15.00.html
    Minutes from last meeting  (fungi, 15:03:20)
  * LINK:
    https://lists.openstack.org/pipermail/openstack-discuss/2022-August/029825.html
    XStatic and JS dependencies  (fungi, 15:04:47)
  * ACTION: fungi propose xstatic discussion topic on horizon ptg agenda
    (fungi, 15:07:12)
  * ACTION: fungi add new volunteers to embargo-notice ml  (fungi,
    15:07:59)
  * ACTION: fungi update ossn/security-doc members in gerrit and
    launchpad  (fungi, 15:08:10)

* Pending Reviews  (fungi, 15:10:32)
  * LINK: https://review.opendev.org/q/is:open+project:openstack/ossa
    Open change reviews for openstack/ossa  (fungi, 15:10:42)

* Public Bug Reports  (fungi, 15:13:26)
  * LINK:
    https://bugs.launchpad.net/ossa/+bugs?field.information_type%3Alist=PUBLIC&field.information_type%3Alist=PUBLICSECURITY
    (fungi, 15:13:36)
  * LINK: https://launchpad.net/bugs/1981813 Compute service fails to
    restart if the vnic_type of a bound port changed from direct to
    macvtap (CVE-2022-37394)  (fungi, 15:15:00)
  * LINK: https://review.opendev.org/850003 Gracefully ERROR in
    _init_instance if vnic_type changed  (fungi, 15:16:03)
  * ACTION: fungi reach out to nova reviewers about 850003  (fungi,
    15:18:23)
  * LINK: https://launchpad.net/bugs/1980954 Resource leak with
    HTTPBadRequest in StaticLargeObject.get_slo_segments  (fungi,
    15:18:52)
  * ACTION: fungi switch bug 1981813 to class b1 for now  (fungi,
    15:22:28)
  * ACTION: fungi switch advisory tasks for old public security bugs to
    won't fix for now  (fungi, 15:24:46)

* PTG Planning  (fungi, 15:25:34)
  * LINK:
    https://lists.openstack.org/pipermail/openstack-discuss/2022-August/029823.html
    Any interest in getting together at the PTG?  (fungi, 15:26:37)
  * LINK: https://ptg.opendev.org/ptg.html PTG Schedule  (fungi,
    15:28:37)
  * ACTION: fungi schedule an hour at the ptg for the security sig
    (fungi, 15:30:43)

* Open Discussion  (fungi, 15:34:21)



Meeting ended at 15:38:51 UTC.



Action items, by person
-----------------------

* fungi
  * fungi propose xstatic discussion topic on horizon ptg agenda
  * fungi add new volunteers to embargo-notice ml
  * fungi update ossn/security-doc members in gerrit and launchpad
  * fungi reach out to nova reviewers about 850003
  * fungi switch bug 1981813 to class b1 for now
  * fungi switch advisory tasks for old public security bugs to won't
    fix for now
  * fungi schedule an hour at the ptg for the security sig



People present (lines said)
---------------------------

* fungi (55)
* opendevmeet (3)
* prometheanfire (2)



Generated by `MeetBot`_ 0.1.4