#fedora-meeting: Security Team Meeting - Agenda: https://fedoraproject.org/wiki/Security_Team_meetings

Meeting started by Sparks at 14:00:33 UTC (full logs).

Meeting summary

  1. Roll Call (Sparks, 14:00:46)
  2. Follow up on last week's tasks (Sparks, 14:07:03)
    1. ACTION: jsmith to patch rubygem-activesupport as provenpackager (BZ 905374) (Sparks, 14:07:17)
    2. jsmith was having problems with this package since it's ruby. He may have found some assistance with it, however. (Sparks, 14:07:53)
    3. pjp started the non-responsive maintainer procedure on rubygem-active support (Sparks, 14:09:44)
    4. https://bugzilla.redhat.com/show_bug.cgi?id=1209124 (Sparks, 14:09:53)
    5. ACTION: pjp to continue monitoring the non-responsive maintainer for rubygem-activesupport. Follow up in one week. (Sparks, 14:10:51)
    6. Sparks did discuss the 90-day challenge with the Security Team (more on that later) (Sparks, 14:11:23)
    7. Sparks closed all retired-package CVE tickets for EPEL (Sparks, 14:12:24)

  3. Outstanding BZ Tickets (Sparks, 14:14:37)
    1. Thursday's numbers: Critical 1, Important 41 (-7), Moderate 350 (-29), Low 163 (-7), Total 556, Trend -43 (Sparks, 14:14:46)
    2. Current tickets owned: 147 (~26%) (Sparks, 14:14:53)
    3. Tickets closed: 271 (+22) (Sparks, 14:14:59)

  4. 90-Day Challenge (Sparks, 14:20:59)
    1. 90-Day Challenge has a goal to close all 2014 and prior Important CVEs in Fedora (Sparks, 14:21:07)
    2. of the 38 Important CVEs, 1 has been closed, 8 are On_QA (Sparks, 14:21:43)
    3. Many of these tickets haven't been followed up on in recent times and should be. (Sparks, 14:22:20)
    4. Sparks will unassign tickets from fst_owners if they don't follow up within a week. (Sparks, 14:22:44)
    5. ACTION: Sparks to blog about the challenge (Sparks, 14:24:43)

  5. Open floor discussion/questions/comments (Sparks, 14:24:53)


Meeting ended at 14:36:54 UTC (full logs).

Action items

  1. jsmith to patch rubygem-activesupport as provenpackager (BZ 905374)
  2. pjp to continue monitoring the non-responsive maintainer for rubygem-activesupport. Follow up in one week.
  3. Sparks to blog about the challenge


Action items, by person

  1. pjp
    1. pjp to continue monitoring the non-responsive maintainer for rubygem-activesupport. Follow up in one week.
  2. Sparks
    1. Sparks to blog about the challenge


People present (lines said)

  1. Sparks (55)
  2. pjp (17)
  3. randomuser (5)
  4. zodbot (5)
  5. jtaylor90 (2)
  6. bvincent (1)


Generated by MeetBot 0.1.4.