-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512

======================================================================================================== #fedora-meeting-1: Security Team Meeting - Agenda: https://fedoraproject.org/wiki/Security_Team_meetings ========================================================================================================

Meeting started by Sparks_too at 19:00:09 UTC. The full logs are available at http://meetbot.fedoraproject.org/fedora-meeting-1/2014-07-30/fedora_security... .

Meeting summary - --------------- * Roll Call (Sparks_too, 19:00:18) * Participants are reminded to make liberal use of #info #link #help in order to make the minutes "more better" (Sparks_too, 19:05:59)

* Follow up on last week's action items (10 minutes) (Sparks_too, 19:06:05) * jrusnack documented the use of fst_owner at https://fedoraproject.org/wiki/Security_Team#Taking_ownership_of_tracking_bu... (Sparks_too, 19:06:52) * sent patches that fix CVE-2014-4440 and CVE-2014-4442, analysis about CVE-2014-4441, so far no response (jrusnack, 19:09:03)

* Roster (Sparks_too, 19:10:14) * LINK: https://fedoraproject.org/wiki/Security_Team_Roster (Sparks_too, 19:10:29) * that roster needs more info. like, name, bugzilla account, irc nick at least (jrusnack, 19:11:04) * ACTION: Sparks to send a message to the list asking people to add themselves to the roster (Sparks_too, 19:16:56)

* Rewards (Sparks_too, 19:20:55) * IDEA: Create a badge for fixing 50, 100, 200, 500, and 1000 security bugs (Sparks_too, 19:22:26) * ACTION: ignatenkobrain to write a script to somehow get stats from BZ and use them for the badge system (Sparks_too, 19:26:58) * AGREED: Badges for fixing 50, 100, 200, 500, and 1000 security bugs. (Sparks_too, 19:29:16) * IDEA: Make t-shirts for FST members who close x number of cases (Sparks_too, 19:29:38) * IDEA: Hall of fame webpage (Sparks_too, 19:32:13) * LINK: https://github.com/ignatenkobrain/fedora-security-team (ignatenkobrain, 19:35:00) * AGREED: T-shirts for those closing 50 vulnerabilities (pending funding) (Sparks_too, 19:35:41) * ACTION: ignatenkobrain to write a script to somehow get stats from BZ and use them for "hall of fame" FST wiki page (ignatenkobrain, 19:37:00) * ACTION: ignatenkobrain to request git repo for FST scripts (ignatenkobrain, 19:38:15) * AGREED: Hall of Fame showing FST members and their current vulnerabilities closed count (Sparks_too, 19:38:37)

* Outstanding BZ Tickets (Sparks_too, 19:40:05) * Monday's numbers: Critical 3, Important 69, Moderate 366, Low 128, Total 566, Trend -11 (Sparks_too, 19:40:14) * LINK: https://bugzilla.redhat.com/query.cgi?bug_status=POST&chfield=bug_status... (ignatenkobrain, 19:43:07)

* Open floor discussion (Sparks_too, 19:56:34)

Meeting ended at 20:01:08 UTC.

Action Items - ------------ * Sparks to send a message to the list asking people to add themselves to the roster * ignatenkobrain to write a script to somehow get stats from BZ and use them for the badge system * ignatenkobrain to write a script to somehow get stats from BZ and use them for "hall of fame" FST wiki page * ignatenkobrain to request git repo for FST scripts

Action Items, by person - ----------------------- * ignatenkobrain * ignatenkobrain to write a script to somehow get stats from BZ and use them for the badge system * ignatenkobrain to write a script to somehow get stats from BZ and use them for "hall of fame" FST wiki page * ignatenkobrain to request git repo for FST scripts * **UNASSIGNED** * Sparks to send a message to the list asking people to add themselves to the roster

People Present (lines said) - --------------------------- * Sparks_too (99) * ignatenkobrain (77) * jrusnack (29) * revskills (10) * bojov (10) * zodbot (9) * BVincent (9) * jsmith (7) * thoger (3)