Meeting minutes for 2014-07-30
Eric H. Christensen
sparks at fedoraproject.org
Wed Jul 30 20:02:57 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
========================================================================================================
#fedora-meeting-1: Security Team Meeting - Agenda: https://fedoraproject.org/wiki/Security_Team_meetings
========================================================================================================
Meeting started by Sparks_too at 19:00:09 UTC. The full logs are
available at
http://meetbot.fedoraproject.org/fedora-meeting-1/2014-07-30/fedora_security_team.2014-07-30-19.00.log.html
.
Meeting summary
- ---------------
* Roll Call (Sparks_too, 19:00:18)
* Participants are reminded to make liberal use of #info #link #help
in order to make the minutes "more better" (Sparks_too, 19:05:59)
* Follow up on last week's action items (10 minutes) (Sparks_too,
19:06:05)
* jrusnack documented the use of fst_owner at
https://fedoraproject.org/wiki/Security_Team#Taking_ownership_of_tracking_bugs
(Sparks_too, 19:06:52)
* sent patches that fix CVE-2014-4440 and CVE-2014-4442, analysis
about CVE-2014-4441, so far no response (jrusnack, 19:09:03)
* Roster (Sparks_too, 19:10:14)
* LINK: https://fedoraproject.org/wiki/Security_Team_Roster
(Sparks_too, 19:10:29)
* that roster needs more info. like, name, bugzilla account, irc nick
at least (jrusnack, 19:11:04)
* ACTION: Sparks to send a message to the list asking people to add
themselves to the roster (Sparks_too, 19:16:56)
* Rewards (Sparks_too, 19:20:55)
* IDEA: Create a badge for fixing 50, 100, 200, 500, and 1000 security
bugs (Sparks_too, 19:22:26)
* ACTION: ignatenkobrain to write a script to somehow get stats from
BZ and use them for the badge system (Sparks_too, 19:26:58)
* AGREED: Badges for fixing 50, 100, 200, 500, and 1000 security bugs.
(Sparks_too, 19:29:16)
* IDEA: Make t-shirts for FST members who close x number of cases
(Sparks_too, 19:29:38)
* IDEA: Hall of fame webpage (Sparks_too, 19:32:13)
* LINK: https://github.com/ignatenkobrain/fedora-security-team
(ignatenkobrain, 19:35:00)
* AGREED: T-shirts for those closing 50 vulnerabilities (pending
funding) (Sparks_too, 19:35:41)
* ACTION: ignatenkobrain to write a script to somehow get stats from
BZ and use them for "hall of fame" FST wiki page (ignatenkobrain,
19:37:00)
* ACTION: ignatenkobrain to request git repo for FST scripts
(ignatenkobrain, 19:38:15)
* AGREED: Hall of Fame showing FST members and their current
vulnerabilities closed count (Sparks_too, 19:38:37)
* Outstanding BZ Tickets (Sparks_too, 19:40:05)
* Monday's numbers: Critical 3, Important 69, Moderate 366, Low 128,
Total 566, Trend -11 (Sparks_too, 19:40:14)
* LINK:
https://bugzilla.redhat.com/query.cgi?bug_status=POST&chfield=bug_status&chfieldto=1w&chfieldvalue=POST&classification=Fedora&keywords=SecurityTracking%2C%20&keywords_type=allwords&query_format=advanced
(ignatenkobrain, 19:43:07)
* Open floor discussion (Sparks_too, 19:56:34)
Meeting ended at 20:01:08 UTC.
Action Items
- ------------
* Sparks to send a message to the list asking people to add themselves
to the roster
* ignatenkobrain to write a script to somehow get stats from BZ and use
them for the badge system
* ignatenkobrain to write a script to somehow get stats from BZ and use
them for "hall of fame" FST wiki page
* ignatenkobrain to request git repo for FST scripts
Action Items, by person
- -----------------------
* ignatenkobrain
* ignatenkobrain to write a script to somehow get stats from BZ and
use them for the badge system
* ignatenkobrain to write a script to somehow get stats from BZ and
use them for "hall of fame" FST wiki page
* ignatenkobrain to request git repo for FST scripts
* **UNASSIGNED**
* Sparks to send a message to the list asking people to add themselves
to the roster
People Present (lines said)
- ---------------------------
* Sparks_too (99)
* ignatenkobrain (77)
* jrusnack (29)
* revskills (10)
* bojov (10)
* zodbot (9)
* BVincent (9)
* jsmith (7)
* thoger (3)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQGcBAEBCgAGBQJT2U9uAAoJEB/kgVGp2CYvmpAL/001z0BxBKhfB2JU9DUVqkb7
M5gbHtuYVecNxjhBwOG8jumlW+CbOfm1dLbWYbxOBwduoK3PPekVcHi55TX/dHrY
GgdathNWxZlGi8BS0Bm8FsHi61aLB4SRrcdZoL87SacH81KjxUdUdf2PVyiIWHq+
6+8Kd1kFmTlU5AVvlnG0q4O7ji7sqyJ8gmhLJuotess2TucSL0m1SWhUMosJyKzh
CoXqBY6j11JvbRExq7h2M/LyIgJuYyFxf/fII/q+BtuS1ieUIHeo8EdnHuiCygyj
G8awOvYOeOLVUS1kXKFcgqnxpsbq0KiTH4Owcqo28uV4OaW2DwNldpZ6EDHGR0Up
KnRT2qTwbpoSQhjvIWgwlO1qv7WHFAarSNy4TLbivQBYOyRYfGcLcr9TmY3jV58r
t+rU2buDaxuElhWlYlfy+qK4ARXgQkUF7XazN7Ba2ZOlHn2cokjcqCS83sxmfl1x
EDreihCQT2ti3APvgTmeWDbIdKMKDSR6nLfBgqfQ6Q==
=lVmF
-----END PGP SIGNATURE-----
More information about the security-team
mailing list