=============================
#openstack-security: security
=============================


Meeting started by fungi at 15:01:19 UTC.  The full logs are available
at
https://meetings.opendev.org/meetings/security/2023/security.2023-02-02-15.01.log.html
.



Meeting summary
---------------

* LINK: Agenda is at https://etherpad.opendev.org/p/security-agenda
  (fungi, 15:01:41)
* Picking a new meeting schedule  (fungi, 15:01:56)
  * LINK: Polls to work out a new meeting schedule
    https://lists.openstack.org/pipermail/openstack-discuss/2023-January/031908.html
    (fungi, 15:02:31)

* Virtual PTG  (fungi, 15:06:31)
  * LINK: Virtual PTG March 27-31 https://openinfra.dev/ptg  (fungi,
    15:07:30)
  * LINK: Brainstorming topics
    https://etherpad.opendev.org/p/mar2023-ptg-openstack-security
    (fungi, 15:09:11)

* Recent OSSAs  (fungi, 15:10:24)
  * LINK: Arbitrary file access through custom S3 XML entities
    https://security.openstack.org/ossa/OSSA-2023-001.html  (fungi,
    15:11:10)
  * LINK: Arbitrary file access through custom VMDK flat descriptor
    https://security.openstack.org/ossa/OSSA-2023-002.html  (fungi,
    15:11:21)
  * LINK: Downstream stakeholders
    https://security.openstack.org/vmt-process.html#downstream-stakeholders
    (fungi, 15:15:27)

* Newly public bug reports  (fungi, 15:18:46)
  * LINK: CVE-2019-10768 in Angular libs < 1.7.9
    https://launchpad.net/bugs/1997545 duplicate of
    https://launchpad.net/bugs/1955556  (fungi, 15:20:22)

* Anything else?  (fungi, 15:22:47)
  * Please remember to fill out the surveys in the ML post linked
    earlier so we can find a better time when people will be able to
    participate  (fungi, 15:29:42)



Meeting ended at 15:30:01 UTC.



People present (lines said)
---------------------------

* fungi (38)
* opendevmeet (3)



Generated by `MeetBot`_ 0.1.4