Security Team meeting minutes for 2014-12-18
by Eric Christensen
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
======================================================================================================
#fedora-meeting: Security Team Meeting - Agenda: https://fedoraproject.org/wiki/Security_Team_meetings
======================================================================================================
Meeting started by Sparks at 14:01:20 UTC. The full logs are available
at
http://meetbot.fedoraproject.org/fedora-meeting/2014-12-18/fedora_securit...
.
Meeting summary
- ---------------
* Roll Call (Sparks, 14:01:39)
* Participants are reminded to make liberal use of #info #link #help
in order to make the minutes "more better" (Sparks, 14:05:33)
* Next two meetings (Sparks, 14:05:39)
* IDEA: Cancel next two meetings due to the holidays. (Sparks,
14:05:50)
* AGREED: Next two meetings are cancelled due to holidays. (Sparks,
14:09:16)
* Outstanding BZ Tickets (Sparks, 14:09:23)
* Thursday's numbers: Critical 1, Important 49, Moderate 375, Low 148,
Total 573, Trend -8 (Sparks, 14:09:53)
* Current tickets owned: 197 (~34%) (Sparks, 14:09:57)
* ~50 security bugs will be closed as F19 support ends in < 1 month.
(Sparks, 14:13:26)
* Open floor discussion/questions/comments (Sparks, 14:15:13)
Meeting ended at 14:17:58 UTC.
Action Items
- ------------
Action Items, by person
- -----------------------
* **UNASSIGNED**
* (none)
People Present (lines said)
- ---------------------------
* Sparks (30)
* zodbot (7)
* jtaylor90 (6)
* sgallagh (3)
* mhayden (3)
* bvincent (1)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQGcBAEBCgAGBQJUkuJ/AAoJEB/kgVGp2CYvjCYMAIWXFI2KXHTXLerZZFjQqEo2
gEWdKXN/edI5RviYZfzAfgRD7B96x1YYZaXUE7KxHAvarHDe8AQTJrnMr2mjiBU5
fqFsw0qCBhT9Pzjo9cL7ebGI5Wyuys58A4C6Iomw6bJye8tmu/VzvIUxkrC5d9HB
nCnS5ZKW6eg1fX6ENGDATmyhJTu8QcZvb753poE/QkiKiDhphBhEbji/9CqImoPA
i3Iz20bpQqaLVdAAtzCoIy4/QQD6w+IEPZ4DQ1od/Lr/Y2kHbIg7ggmdGNg0hhtH
ihAPgZHyLHzMlBEtabNfcFNffQAeGXwVKd/Yng+PLkZNs/I2M/zgiiw94zNZR1/L
fxcWEnqHUfXRboW4c5bLDvbApNqbt5WykUB/QtyA0RbQb/Bfp5m+Itu3jjNfXaK/
U7DtjyX0cK/ocqLGY9XGp74q1+JsTWvrjvTqQfe5nNb6j8la+RvBnSIVPLnhIE80
bYbwpYuJG/OBDFrEXB2i2hjlMzinFckNFYU8KKiB+Q==
=QHAr
-----END PGP SIGNATURE-----
8 years, 11 months
Security Team meeting minutes for 2014-12-11
by Eric Christensen
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
======================================================================================================
#fedora-meeting: Security Team Meeting - Agenda: https://fedoraproject.org/wiki/Security_Team_meetings
======================================================================================================
Meeting started by Sparks at 14:01:36 UTC. The full logs are available
at
http://meetbot.fedoraproject.org/fedora-meeting/2014-12-11/fedora_securit...
.
Meeting summary
- ---------------
* Roll Call (Sparks, 14:01:44)
* Participants are reminded to make liberal use of #info #link #help
in order to make the minutes "more better" (Sparks, 14:07:16)
* Outstanding BZ Tickets (Sparks, 14:07:23)
* Wednesday's numbers: Critical 1, Important 51, Moderate 378, Low
151, Total 581, Trend -46 (Sparks, 14:07:32)
* Tickets closed: 189 (Sparks, 14:07:38)
* LINK: https://bugzilla.redhat.com/show_bug.cgi?id=765664
(bvincent, 14:09:09)
* LINK: https://bugzilla.redhat.com/show_bug.cgi?id=1152851 (d-caf,
14:11:51)
* LINK: http://www.kb.cert.org/vuls/id/887409 (bvincent, 14:16:11)
* Open floor discussion/questions/comments (Sparks, 14:22:08)
Meeting ended at 14:33:36 UTC.
Action Items
- ------------
Action Items, by person
- -----------------------
* **UNASSIGNED**
* (none)
People Present (lines said)
- ---------------------------
* Sparks (27)
* jtaylor90 (17)
* d-caf (8)
* bvincent (8)
* zodbot (6)
* mhayden (1)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQGcBAEBCgAGBQJUiat3AAoJEB/kgVGp2CYvBG4L/ir16f3ogK5bMt502cMMosUS
+6QT3uDYQXhYn8bMXwmcInqs0dD8fJdv/+BgqPF2xg3gaVMmpEcUFKFlCA7+9HOY
8nSM+4ZfpIO0Lnl9J3lrM6mksSGFLiVjlDuyZ/10lHLYpcXatw+Gk8b1gD7mP/pL
OoeNRStxl/094kPUrzbxs55cXO4F5/5b273vVNHdD+gxaIWyhl/7hOnmrFHWoOpl
VHk8TTWs/32lEsjWsjl7LdN6By95tpQaBS0o63t7UuJ/4agmfS7RgNjdRT47iZ1q
/zdO4SgWZlBZ4h2Jk/vajUszu2CG/YtRmaqVq+GA++LDgB14i/kEK7EGXuh+HOge
LzgHKjrsvIjmaMcjKwDrGln8ud/x+RTsx7TgwW4X5s9n3vEcVPuaSdtmMI0RKk99
FP68qypPIXOZYw/2duP5/U47NlFy0FrBheLSP7KuZcfbkTXBAtYix11MbaAGn/B6
I4R29LgHYL16xssyWw28cuZBKkh6Hp6aKj3UYiiVWQ==
=vaqW
-----END PGP SIGNATURE-----
8 years, 12 months
Ongoing open-firewall discussion
by Jan Rusnacko
Hey guys,
given that there is quite heated discussion about open by default firewall, is this something we want to contribute to (as a team) ? Do you think we a) can and b) should come with a statement and join the discussion ?
We started looking into making fedora more secure with PermitRootLogin and this case seems similar (though with opposite outcome).
--
Jan Rusnacko, Red Hat Product Security
8 years, 12 months
Security Team meeting minutes for 2014-12-04
by Eric Christensen
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
======================================================================================================
#fedora-meeting: Security Team Meeting - Agenda: https://fedoraproject.org/wiki/Security_Team_meetings
======================================================================================================
Meeting started by Sparks_too at 14:00:35 UTC. The full logs are
available at
http://meetbot.fedoraproject.org/fedora-meeting/2014-12-04/fedora_securit...
.
Meeting summary
- ---------------
* Roll Call (Sparks_too, 14:00:42)
* Participants are reminded to make liberal use of #info #link #help
in order to make the minutes "more better" (Sparks_too, 14:06:06)
* Outstanding BZ Tickets (Sparks_too, 14:06:13)
* Wednesday's numbers: Critical 1, Important 49, Moderate 419, Low
158, Total 627, Trend +27 (Sparks_too, 14:06:20)
* Open floor discussion/questions/comments (Sparks_too, 14:44:09)
* LINK:
https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_configurations
(Sparks_too, 14:57:24)
Meeting ended at 15:00:32 UTC.
Action Items
- ------------
Action Items, by person
- -----------------------
* **UNASSIGNED**
* (none)
People Present (lines said)
- ---------------------------
* pjp (48)
* Sparks_too (43)
* jrusnack (17)
* bvincent (7)
* zodbot (6)
* mhayden (2)
* sgallagh (2)
* jsmith (1)
* jtaylor90 (1)
Generated by `MeetBot`_ 0.1.4
.. _`MeetBot`: http://wiki.debian.org/MeetBot
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQGcBAEBCgAGBQJUgH9mAAoJEB/kgVGp2CYvVRgMAJiTmWCgwmALXULsDj5IZj8P
niKSqZpROuwHFs5l4QfZIKi0uj3QTy5cHacjBpm99ivRP30v5wF6LYr1WiqTUf7l
5Zh7NSDxSEX16SzoFzOm8stRIJSbMQeOO65VZI5+RapsJpuK1GzOA6R83s2f/wO5
LaUpAQalen6UHsWp/UBGFC6vsLhmdoyRsIPd60DpIm40VP7vGPLIJru4lOFKchEp
MjeF9onPY8iNWO/lIpzIEpOFenw+Vs4FqFYVBGsxPVAxihC4gq+9BvNDf3XkIG0j
Fpq5N+OznTVMzkuSc1agQVbQx/7OSFM2SZvmfmuP/PRt2a0b513E95cNou6geycD
GUn4buE1sOVQKFSbmx3EhSx99bmcdhFiO/fgSsJwlF7PcLoJ1upxC9vM5Nfr8t8e
kv2ShmdSsvspTmvgFoXX5yX2Ps4lZWRLrx6QYeqwVeg1MSGR9pIr0ej38sEmfvds
LJWIhpX7fggppjwgzXravTIXuCKU1vYnpfqwSCf+BQ==
=ZqJL
-----END PGP SIGNATURE-----
9 years
