======================================================================================================
#fedora-meeting: Security Team Meeting - Agenda:
https://fedoraproject.org/wiki/Security_Team_meetings
======================================================================================================
Meeting started by Sparks at 14:00:33 UTC. The full logs are available
at
http://meetbot.fedoraproject.org/fedora-meeting/2015-04-09/fedora_securit...
.
Meeting summary
---------------
* Roll Call (Sparks, 14:00:46)
* Follow up on last week's tasks (Sparks, 14:07:03)
* ACTION: jsmith to patch rubygem-activesupport as provenpackager (BZ
905374) (Sparks, 14:07:17)
* jsmith was having problems with this package since it's ruby. He
may have found some assistance with it, however. (Sparks, 14:07:53)
* pjp started the non-responsive maintainer procedure on
rubygem-active support (Sparks, 14:09:44)
* LINK:
https://bugzilla.redhat.com/show_bug.cgi?id=1209124 (Sparks,
14:09:53)
* ACTION: pjp to continue monitoring the non-responsive maintainer for
rubygem-activesupport. Follow up in one week. (Sparks, 14:10:51)
* Sparks did discuss the 90-day challenge with the Security Team (more
on that later) (Sparks, 14:11:23)
* Sparks closed all retired-package CVE tickets for EPEL (Sparks,
14:12:24)
* Outstanding BZ Tickets (Sparks, 14:14:37)
* Thursday's numbers: Critical 1, Important 41 (-7), Moderate 350
(-29), Low 163 (-7), Total 556, Trend -43 (Sparks, 14:14:46)
* Current tickets owned: 147 (~26%) (Sparks, 14:14:53)
* Tickets closed: 271 (+22) (Sparks, 14:14:59)
* 90-Day Challenge (Sparks, 14:20:59)
* 90-Day Challenge has a goal to close all 2014 and prior Important
CVEs in Fedora (Sparks, 14:21:07)
* of the 38 Important CVEs, 1 has been closed, 8 are On_QA (Sparks,
14:21:43)
* Many of these tickets haven't been followed up on in recent times
and should be. (Sparks, 14:22:20)
* Sparks will unassign tickets from fst_owners if they don't follow up
within a week. (Sparks, 14:22:44)
* ACTION: Sparks to blog about the challenge (Sparks, 14:24:43)
* Open floor discussion/questions/comments (Sparks, 14:24:53)
Meeting ended at 14:36:54 UTC.
Action Items
------------
* jsmith to patch rubygem-activesupport as provenpackager (BZ 905374)
* pjp to continue monitoring the non-responsive maintainer for
rubygem-activesupport. Follow up in one week.
* Sparks to blog about the challenge
Action Items, by person
-----------------------
* pjp
* pjp to continue monitoring the non-responsive maintainer for
rubygem-activesupport. Follow up in one week.
* Sparks
* Sparks to blog about the challenge
* **UNASSIGNED**
* jsmith to patch rubygem-activesupport as provenpackager (BZ 905374)
People Present (lines said)
---------------------------
* Sparks (55)
* pjp (17)
* randomuser (5)
* zodbot (5)
* jtaylor90 (2)
* bvincent (1)