#fedora-meeting: Security Team Meeting - Agenda: https://fedoraproject.org/wiki/Security_Team_meetings

Meeting summary

1. Roll Call (mhayden, 14:01:02)
   1. Participants are reminded to make liberal use of #info #link #help in order to make the minutes "more better" (mhayden, 14:05:08)
   
   
2. 90-Day Challenge (mhayden, 14:05:19)
   1. https://ethercalc.org/90-day-challenge (mhayden, 14:05:33)
   2. 90-Day Challenge has a goal to close all 2014 and prior Important CVEs in Fedora (mhayden, 14:05:39)
   
   
3. Outstanding BZ Tickets (mhayden, 14:08:18)
   1. https://lists.linuxcontainers.org/pipermail/lxc-devel/2015-June/011898.html (mhayden, 14:11:18)
   2. https://fedoraproject.org/wiki/LXC_Template_Security_Improvements (mhayden, 14:14:20)
   
   
4. Open floor discussion/questions/comments (mhayden, 14:22:51)
   1. http://meetbot.fedoraproject.org/fedora-meeting/2015-06-11/fedora_security_team.2015-06-11-14.00.log.html (d-caf, 14:23:22)
   2. For non-responsive maintainers at redhat.com email addresses, reach out to scorneli (mhayden, 14:24:28)
   3. ACTION: Check in with Fabio0live about the non-responsive maintainer process automation (mhayden, 14:24:51)
   4. Biggest barrier to closing security bugs is non-responsive maintainers (mhayden, 14:25:12)
   5. IDEA: Possibly use provenpackers in FST to tackle high priority security bugs on non-responsive maintainer packages -- needs more discussion (mhayden, 14:29:36)
   6. Provenpackager access has been used in the past for critical bugs (thanks d-caf) (mhayden, 14:30:20)
   7. https://www.youtube.com/watch?v=a9lE9Urr6AQ (mhayden, 14:32:49)
   8. Super Privileged Containers- > https://www.youtube.com/watch?v=dM2Fc53Dtd4 (mhayden, 14:33:21)

Action items

1. Check in with Fabio0live about the non-responsive maintainer process automation

People present (lines said)

1. mhayden (85)
2. d-caf (37)
3. scorneli (6)
4. revskills (4)
5. zodbot (3)
6. jrusnack (2)
7. striker (1)