#mageia-dev Meeting

Meeting started by ennael at 19:10:04 UTC (full logs).

Meeting summary

  1. build secteam team (ennael, 19:18:04)
    1. https://www.mageia.org/pipermail/mageia-dev/20110415/003999.html (misc, 19:22:24)
    2. https://launchpad.net/~ubuntu-security (pterjan, 19:42:53)
    3. https://launchpad.net/~ubuntu-security/+mugshots (pterjan, 19:43:06)
    4. check the condition for handling private exploit for bug (misc, 19:44:15)
    5. check that bugzilla can handle private bug ( based on ldap if possible ) (misc, 19:45:02)
    6. http://oss-security.openwall.org/wiki/vendors (pterjan, 19:45:58)
    7. ACTION: boklm check with debian people for the way they handle security (misc, 19:49:39)
    8. requires testing vm to be avaliable (misc, 19:51:26)
    9. security@ should be sent to the team in charge of security and should forward to sysadmin (misc, 19:55:59)
    10. http://www.bugzilla.org/features/#private (pterjan, 20:01:11)
    11. ACTION: check if exploit need to be kept private or not (misc, 20:03:18)
    12. ACTION: misc bring the issue for next council meeting (misc, 20:09:17)
    13. http://oss-security.openwall.org/wiki/ (ennael, 20:12:30)
    14. http://article.gmane.org/gmane.comp.security.oss.general/4894 (stewb, 20:18:24)
    15. thread about the replacement of vendor-sec http://thread.gmane.org/gmane.comp.security.oss.general/4650/focus=4894 (misc, 20:19:33)
    16. http://thread.gmane.org/gmane.comp.security.oss.general/4650/focus=4894 (boklm, 20:21:07)
    17. we should have 2 people for the vendor-sec replacement (misc, 20:25:39)
    18. we should have at least 2 people for the vendor-sec replacement ( but not too many ) (misc, 20:26:55)
    19. ACTION: ask to the webteam about publish advisories (misc, 20:33:56)
    20. http://www.bugzilla.org/features/#custom-fields seems the most appropriate (pterjan, 20:45:48)
    21. ACTION: sysadmins add CVE field for the security category (misc, 20:51:51)
    22. ACTION: sysadmins add security category (misc, 20:52:11)
    23. security bugs are assigned to bug triage team for now, as everything is public (misc, 21:01:45)


Meeting ended at 21:09:53 UTC (full logs).

Action items

  1. boklm check with debian people for the way they handle security
  2. check if exploit need to be kept private or not
  3. misc bring the issue for next council meeting
  4. ask to the webteam about publish advisories
  5. sysadmins add CVE field for the security category
  6. sysadmins add security category


Action items, by person

  1. boklm
    1. boklm check with debian people for the way they handle security
  2. misc
    1. misc bring the issue for next council meeting
  3. UNASSIGNED
    1. check if exploit need to be kept private or not
    2. ask to the webteam about publish advisories
    3. sysadmins add CVE field for the security category
    4. sysadmins add security category


People present (lines said)

  1. misc (128)
  2. pterjan (112)
  3. boklm (70)
  4. ennael (46)
  5. stewb (27)
  6. erzulie (14)
  7. shikamaru (13)
  8. spturtle (6)
  9. AndroUser2 (5)
  10. Kharec (3)
  11. dmorgan (2)
  12. Inigo_Montoya` (2)
  13. mikala (1)
  14. Ruperto (1)


Generated by MeetBot 0.1.4.