======================================================================================================
#fedora-meeting: Security Team Meeting - Agenda:
https://fedoraproject.org/wiki/Security_Team_meetings
======================================================================================================
Meeting started by Sparks at 14:00:33 UTC. The full logs are available
at
http://meetbot.fedoraproject.org/fedora-meeting/2015-04-09/fedora_security_…
.
Meeting summary
---------------
* Roll Call (Sparks, 14:00:46)
* Follow up on last week's tasks (Sparks, 14:07:03)
* ACTION: jsmith to patch rubygem-activesupport as provenpackager (BZ
905374) (Sparks, 14:07:17)
* jsmith was having problems with this package since it's ruby. He
may have found some assistance with it, however. (Sparks, 14:07:53)
* pjp started the non-responsive maintainer procedure on
rubygem-active support (Sparks, 14:09:44)
* LINK: https://bugzilla.redhat.com/show_bug.cgi?id=1209124 (Sparks,
14:09:53)
* ACTION: pjp to continue monitoring the non-responsive maintainer for
rubygem-activesupport. Follow up in one week. (Sparks, 14:10:51)
* Sparks did discuss the 90-day challenge with the Security Team (more
on that later) (Sparks, 14:11:23)
* Sparks closed all retired-package CVE tickets for EPEL (Sparks,
14:12:24)
* Outstanding BZ Tickets (Sparks, 14:14:37)
* Thursday's numbers: Critical 1, Important 41 (-7), Moderate 350
(-29), Low 163 (-7), Total 556, Trend -43 (Sparks, 14:14:46)
* Current tickets owned: 147 (~26%) (Sparks, 14:14:53)
* Tickets closed: 271 (+22) (Sparks, 14:14:59)
* 90-Day Challenge (Sparks, 14:20:59)
* 90-Day Challenge has a goal to close all 2014 and prior Important
CVEs in Fedora (Sparks, 14:21:07)
* of the 38 Important CVEs, 1 has been closed, 8 are On_QA (Sparks,
14:21:43)
* Many of these tickets haven't been followed up on in recent times
and should be. (Sparks, 14:22:20)
* Sparks will unassign tickets from fst_owners if they don't follow up
within a week. (Sparks, 14:22:44)
* ACTION: Sparks to blog about the challenge (Sparks, 14:24:43)
* Open floor discussion/questions/comments (Sparks, 14:24:53)
Meeting ended at 14:36:54 UTC.
Action Items
------------
* jsmith to patch rubygem-activesupport as provenpackager (BZ 905374)
* pjp to continue monitoring the non-responsive maintainer for
rubygem-activesupport. Follow up in one week.
* Sparks to blog about the challenge
Action Items, by person
-----------------------
* pjp
* pjp to continue monitoring the non-responsive maintainer for
rubygem-activesupport. Follow up in one week.
* Sparks
* Sparks to blog about the challenge
* **UNASSIGNED**
* jsmith to patch rubygem-activesupport as provenpackager (BZ 905374)
People Present (lines said)
---------------------------
* Sparks (55)
* pjp (17)
* randomuser (5)
* zodbot (5)
* jtaylor90 (2)
* bvincent (1)
======================================================================================================
#fedora-meeting: Security Team Meeting - Agenda:
https://fedoraproject.org/wiki/Security_Team_meetings
======================================================================================================
Meeting started by Sparks at 14:00:43 UTC. The full logs are available
at
http://meetbot.fedoraproject.org/fedora-meeting/2015-04-02/fedora_security_…
.
Meeting summary
---------------
* Roll Call (Sparks, 14:00:49)
* Participants are reminded to make liberal use of #info #link #help
in order to make the minutes "more better" (Sparks, 14:09:21)
* Outstanding BZ Tickets (Sparks, 14:09:29)
* Thursday's numbers: Critical 1, Important 48 (+2), Moderate 379
(+3), Low 170 (+7), Total 598, Trend +12 (Sparks, 14:09:39)
* Current tickets owned: 169 (~28%) (Sparks, 14:09:45)
* Tickets closed: 249 (+2) (Sparks, 14:09:49)
* LINK: http://ronin-ruby.github.io/blog/2013/01/28/new-rails-poc.html
(bvincent, 14:13:36)
* ACTION: jsmith to patch rubygem-activesupport as provenpackager (BZ
905374) (Sparks, 14:17:32)
* ACTION: pjp to start non-responsive maintainer against
rubygem-activesupport in EPEL6 (Sparks, 14:20:20)
* ACTION: Team Goal: All important CVEs from 2014 and before should be
fixed by the end of June. (Sparks, 14:25:01)
* ACTION: Sparks to talk about the team goal to the list. (Sparks,
14:25:15)
* ACTION: Sparks to complete the tickets of packages removed from EPEL
earlier this year. (Sparks, 14:25:36)
* Open floor discussion/questions/comments (Sparks, 14:27:58)
Meeting ended at 14:39:39 UTC.
Action Items
------------
* jsmith to patch rubygem-activesupport as provenpackager (BZ 905374)
* pjp to start non-responsive maintainer against rubygem-activesupport
in EPEL6
* Team Goal: All important CVEs from 2014 and before should be fixed by
the end of June.
* Sparks to talk about the team goal to the list.
* Sparks to complete the tickets of packages removed from EPEL earlier
this year.
Action Items, by person
-----------------------
* jsmith
* jsmith to patch rubygem-activesupport as provenpackager (BZ 905374)
* pjp
* pjp to start non-responsive maintainer against rubygem-activesupport
in EPEL6
* Sparks
* Sparks to talk about the team goal to the list.
* Sparks to complete the tickets of packages removed from EPEL earlier
this year.
* **UNASSIGNED**
* Team Goal: All important CVEs from 2014 and before should be fixed
by the end of June.
People Present (lines said)
---------------------------
* Sparks (42)
* pjp (17)
* bvincent (6)
* zodbot (5)
* striker (5)
* jsmith (4)