13:02:24 <Sparks> #startmeeting Security Team Meeting - Agenda: https://fedoraproject.org/wiki/Security_Team_meetings
13:02:24 <zodbot> Meeting started Thu Oct 23 13:02:24 2014 UTC.  The chair is Sparks. Information about MeetBot at http://wiki.debian.org/MeetBot.
13:02:24 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
13:02:27 <Sparks> #meetingname Fedora Security Team
13:02:27 <zodbot> The meeting name has been set to 'fedora_security_team'
13:02:32 <Sparks> #topic Roll Cal
13:02:34 <jsmith> .hellomynameis jsmith
13:02:35 <zodbot> jsmith: jsmith 'Jared Smith' <jsmith.fedora@gmail.com>
13:02:35 <Sparks> #undo
13:02:36 <zodbot> Removing item from minutes: <MeetBot.items.Topic object at 0x31f6edd0>
13:02:36 <bvincent> .fas bvincent
13:02:39 <zodbot> bvincent: bvincent 'Brandon Vincent' <Brandon.Vincent@asu.edu>
13:02:40 <Sparks> #topic Roll Call
13:02:42 * Sparks 
13:02:45 <d-caf> hello
13:02:47 <d-caf> here
13:02:52 <jsmith> Morning all
13:02:54 <jtaylor90> morning
13:10:43 <jsmith> Shall we continue?
13:11:25 <Sparks> jsmith: Sorry, I'm trying to catch up numbers...
13:11:37 <jsmith> Ah :-)
13:12:22 <Sparks> Sorry, it's been a morning here....
13:12:28 <Sparks> #topic Outstanding BZ Tickets
13:12:45 <Sparks> #info Thursday's numbers: Critical 1, Important 50, Moderate 342, Low 122, Total 515, Trend -17
13:12:53 <Sparks> #info Current tickets owned: 166 (~32%)
13:13:00 <Sparks> #info Tickets closed: 128
13:13:13 <Sparks> Anyone have any ticket issues they'd like to talk about?
13:17:17 <Sparks> #topic Open floor discussion/questions/comments
13:17:27 <Sparks> Anyone have anything they want to talk about?
13:18:05 <jtaylor90> nothing on my side, just been working on contacting maintainers
13:18:28 <jtaylor90> which is a sort of adventure by itself
13:20:07 <bvincent> On the bright side, Fedora 19 support will be EOL soon.
13:20:39 <d-caf> jtaylor90: Yes, I like it when they say sorry busy right now could you take care of it...
13:21:29 <jtaylor90> d-caf: hah yeah that's a favorite
13:21:55 <jtaylor90> Sparks: did you or someone get all the orphaned package tickets already?
13:23:21 <jtaylor90> just curious if there will be a large ticket drop once the epel orphan package report items start being retired
13:24:17 <Sparks> jtaylor90: I picked up the orphaned tickets for EPEL a while back.  I haven't checked for them recently.
13:24:30 <Sparks> jtaylor90: I suspect there will be.
13:25:00 <jtaylor90> gotcha
13:27:03 <jtaylor90> Is there any kind of framework or process we could leverage to get the tickets more visibility?
13:27:35 <jtaylor90> for instance, a BZ gets opened for a package, no response from the package maintainer in x time, sends the ticket to releng
13:27:44 <jsmith> (or provenpackagers)
13:28:08 <jtaylor90> yeah or that :)
13:31:35 <Sparks> jtaylor90: And I think jsmith is a proven packager.
13:31:36 <Sparks> :)
13:31:43 <Sparks> Okay, anyone have anything else?
13:31:48 <jtaylor90> so forward everything to jsmith? :)
13:31:53 <Sparks> jtaylor90: Yes
13:32:09 <jtaylor90> perfect
13:32:10 <jsmith> jtaylor90: Start by forwarding one or two things to me, and I'll see if I can keep up with the workload
13:32:13 <jsmith> :-)
13:32:23 <jsmith> But yes -- I'm willing to try to work on issues as I'm able
13:32:29 <jsmith> I already average one or two a week
13:33:14 <jtaylor90> nice
13:33:58 <jsmith> If there's anything in particular you want me to look at today, let me know, as today is a good day :-)
13:34:35 <jtaylor90> awesome, I will follow up with you after this
13:35:03 <jsmith> I'm also thinking of a weekly email to the -devel list letting people know of unhandled issues might be appropriate
13:35:37 <jsmith> ... hoping that more provenpackagers will *see* that there are issues that we need help with, even if they don't attend this meeting
13:36:01 <jtaylor90> seems like that would be frequent enough to be visible but not spamish
13:37:28 <Sparks> jsmith: +1
13:37:36 <Sparks> jsmith: It would be nice to automate that.
13:37:57 <jtaylor90> +1 from me if it matters lol
13:38:09 <jsmith> Sparks: We'll work on that :-)
13:38:51 <bvincent> Who had those rubygem BZ reports?
13:38:51 <Sparks> #action jsmith to figure out how to send an email to {fedora,epel}-devel regarding unhandled security bugs.
13:39:48 <jsmith> bvincent: I'm not sure :-(
13:39:59 <bvincent> It looks like new rubygems packages will be reaching EPEL soon.
13:40:43 <Sparks> bvincent: Oh, yes, they got moved this week.
13:41:06 <bvincent> I think that was the only active Critical bug.
13:46:39 <Sparks> bvincent: We grew a new one
13:50:23 <d-caf> Sparks: Which I only see that one in crit, or is it yet to be released
13:51:43 <Sparks> d-caf: No, that's the one
13:51:52 <Sparks> Okay, anyone have anything else?
13:52:00 * Sparks needs to get ready for his next meeting.
13:52:12 <d-caf> nothing else here
13:52:18 <jtaylor90> all set here
13:53:08 <bvincent> I think this is the longest a meeting has gone...
13:53:41 <Sparks> Okay, thanks for coming out!  We'll see you around the Internetz.
13:53:44 <Sparks> #endmeeting