14:05:20 <Sparks> #startmeeting Security Team Meeting - Agenda: https://fedoraproject.org/wiki/Security_Team_meetings
14:05:20 <zodbot> Meeting started Thu Mar 24 14:05:20 2016 UTC.  The chair is Sparks. Information about MeetBot at http://wiki.debian.org/MeetBot.
14:05:20 <zodbot> Useful Commands: #action #agreed #halp #info #idea #link #topic.
14:05:20 <zodbot> The meeting name has been set to 'security_team_meeting_-_agenda:_https://fedoraproject.org/wiki/security_team_meetings'
14:05:21 <zoglesby> tick tock
14:05:23 <Sparks> #meetingname Fedora Security Team
14:05:23 <zodbot> The meeting name has been set to 'fedora_security_team'
14:05:26 <Sparks> #topic Roll Call
14:05:37 * Sparks 
14:05:46 * zoglesby 
14:06:39 * Sparks puts the final touches on the agenda for today
14:10:07 <Sparks> Okay, this promises to be a short meeting...
14:10:08 * linuxmodder 
14:10:15 <zoglesby> not anymore
14:10:25 <linuxmodder> huh
14:10:43 <Sparks> Okay, lets get going
14:10:50 <linuxmodder> why not zoglesby
14:10:54 <Sparks> #info Participants are reminded to make liberal use of #info #link #help in order to make the minutes "more better"
14:11:01 <Sparks> linuxmodder: Cause you're here
14:11:09 <Sparks> #topic Follow up on last week's tasks
14:11:12 <linuxmodder> what did dI do
14:11:23 * Sparks notes pjp is not here today and will just continue his actions
14:11:40 <Sparks> #action pjp to give a status update on security policy in the wiki (carried over)
14:11:49 <Sparks> #action Sparks to figure out how FST members can get access to Fedora security bugs (carried over)
14:12:08 <Sparks> #action pjp and d-caf to work on the feature requests for Koji and Bodhi for private builds for embargoed vulnerabilities.
14:12:24 <Sparks> zoglesby: Did you ever bring up the Apprenticeship on the list?
14:13:09 <zoglesby> nope, forgot until your ping, please move that to this week as well
14:13:31 <Sparks> #action zoglesby to take the Apprenticeship discussion to the list for further development
14:13:38 <Sparks> #topic Apprenticeship
14:14:00 <Sparks> There are a few more links that need to be populated on the Apprenticeship page
14:14:13 <Sparks> #link https://fedoraproject.org/wiki/Security_Team_Apprenticeship
14:15:13 <Sparks> Anyone have any thing to discuss for this topic?
14:16:26 <zoglesby> nope, only that it needs done
14:16:32 <Sparks> Okay, moving on
14:16:45 <Sparks> #topic Handling embargoed vulnerabilities
14:18:02 <Sparks> #info The management in Red Hat Product Security is investigating our ability to work closer with them.
14:18:16 <Sparks> I don't really have anything more than that.
14:18:29 * Sparks is waiting for pjp and d-caf to start their parts
14:18:43 <zoglesby> As in pre us doing what we need to or after we do FAD items?
14:18:43 <Sparks> Anyone have anything else?
14:19:59 <Sparks> No, overall
14:21:17 <Sparks> It's annoying as everyone seems to have a different idea of what we should have.
14:21:51 <zoglesby> well, if they have ideas they need to share them with us
14:21:51 <linuxmodder> what is the general concensus then
14:22:01 <Sparks> linuxmodder: There is none
14:22:14 <Sparks> zoglesby: I'm trying to figure out what ideas they might have...
14:22:19 <zoglesby> tell them fedora-security-team@lists.fedoraproject.org, not sparks@redhat.com
14:22:34 <Sparks> zoglesby: +1
14:23:01 <linuxmodder> noted
14:23:08 <Sparks> Okay, moving along...
14:23:24 <Sparks> #topic Outstanding BZ Tickets
14:23:24 <linuxmodder> but they  may think its gonna get  sparked off with the late r:)
14:23:32 <Sparks> #info Thursday's numbers: Critical 0 (0), Important 67 (+13), Moderate 485 (+11), Low 169 (-18), Total 721
14:23:38 <Sparks> +Tickets by Severity-+-------+---------+
14:23:38 <Sparks> | Severity | Tickets | Owned | Unowned |
14:23:38 <Sparks> +----------+---------+-------+---------+
14:23:38 <Sparks> | medium   | 485     | 40    | 445     |
14:23:38 <Sparks> | low      | 169     | 13    | 156     |
14:23:40 <Sparks> | high     | 67      | 30    | 37      |
14:23:43 <Sparks> +----------+---------+-------+---------+
14:23:51 <Sparks> We appear to be letting these highs get away from us, again...
14:24:07 <linuxmodder> where is that  new embargoed one  expected to drop into?
14:24:39 <Sparks> linuxmodder: The samba one?
14:25:04 <linuxmodder> think so the one  we  were talkign loosely  about yesterday  / early this am
14:25:11 <zoglesby> by the website it is a crit
14:25:16 <linuxmodder> with the  suspenseful teasers
14:25:23 <Sparks> Ummm.. I don't have it up at the moment.  Sometime in April.
14:25:41 <zoglesby> april 12th
14:25:44 <Sparks> The 12th I think (patch Tuesday)
14:25:44 <linuxmodder> ick we were doing so  well on  no crits
14:26:12 <Sparks> linuxmodder: This may be already getting fixed for Fedora; I'll need to check.
14:26:14 <linuxmodder> anywhere I might be  able to school up in in its  current  embargoed state?  or  shadow  someone
14:26:29 <linuxmodder> get the feet wet  persay
14:26:30 <Sparks> But we'll have another race to the finish line when it comes out.
14:26:59 <zoglesby> (I read it wrong, the website says it is a "crucial security bug")
14:27:33 <Sparks> What's the CVE?
14:27:42 <Sparks> nevermind
14:27:49 <zoglesby> I don't remember
14:28:09 <zoglesby> CVE-2016-2118
14:28:14 <Sparks> It's rated as Important
14:28:21 <zoglesby> but I don't think its important for this meeting
14:28:41 <Sparks> .whoowns samba
14:28:41 <zodbot> Sparks: gd
14:28:50 <Sparks> .fasinfo gd
14:28:52 <zodbot> Sparks: User: gd, Name: Guenther Deschner, email: gdeschner@redhat.com, Creation: 2007-05-03, IRC Nick: gd, Timezone: Europe/Berlin, Locale: en, GPG key ID: 8EE11688, Status: active
14:28:55 <zodbot> Sparks: Approved Groups: fedorabugs cla_fedora cla_done packager cla_redhat gitding-libs @gitgss-proxy
14:29:21 <Sparks> #action Sparks to contact gd to see if he is working on a patch for Fedora.
14:29:45 <Sparks> Anything else?
14:30:02 <linuxmodder> nfm
14:30:24 <zoglesby> no
14:30:33 <Sparks> #topic Open floor discussion/questions/comments
14:30:44 <Sparks> Okay, anything from anyone about anything?
14:30:47 <zoglesby> I have nothing more for today
14:31:57 <Sparks> linuxmodder: ???
14:32:02 <Southern_Gentlem> Sparks study for your Extra at SELF
14:32:17 <Sparks> Southern_Gentlem: de WG3K
14:32:28 <linuxmodder> nothing from me
14:32:46 <zoglesby> Sparks: are you going to SELF?
14:32:48 * linuxmodder needs to study  for that period :)
14:32:59 <Sparks> I hadn't really considered going...  I could
14:33:05 <zoglesby> err, this is not meeting topic
14:33:32 <Sparks> Okay, let's move this discussion to #fedora-security-team
14:33:39 <Sparks> Southern_Gentlem: Please join us there!
14:33:43 <Sparks> Thanks all
14:33:47 <Sparks> #endmeeting