[Security SIG] Weekly Newsletter - May 23rd 2019

Gage Hugo gagehugo at gmail.com
Fri May 24 20:44:15 UTC 2019 

At the Denver Summit, one of the forum sessions was a PTL Tips & Tricks
session[0] where one topic was sending out a project update email. Other
projects/SIGs seem to do this from time-to-time (this idea was mostly
inspired by Keystone's weekly newsletter, thanks cmurphy!) and the plan for
the Security SIG to do something similar was discussed during this week's
meeting and seemed to have unanimous approval.

So starting this week, the Security SIG will begin sending out a weekly
newsletter, the overall goal of this is to provide updates to the
happenings of the Security SIG as well as provide insight to the current
security happenings within OpenStack. As the amount of content varies week
to week, the occurrence may be tweaked in the future to something bi-weekly
or monthly as we see how this goes.

[0] https://etherpad.openstack.org/p/DEN-ptl-tips-and-tricks

If there's anything else you would like to see here or feedback you'd like
to give, please feel free to respond here, reach out via IRC in
#openstack-security, and/or comment in the newsletter etherpad here:
https://etherpad.openstack.org/p/security-sig-newsletter. Thanks!

# Week of: 23 May 2019

   - Security SIG Meeting Info:
   http://eavesdrop.openstack.org/#Security_SIG_meeting


   - Weekly on Thursday at 1500 UTC in #openstack-meeting


   - Agenda: https://etherpad.openstack.org/p/security-agenda


   - https://security.openstack.org/


   - https://wiki.openstack.org/wiki/Security-SIG


## Meeting Notes

   - Summary:
   http://eavesdrop.openstack.org/meetings/security/2019/security.2019-05-23-15.00.txt


   - TL;DR: During this week's meeting, we discussed the two bugs/stories
   listed below, as well as the idea of sending out some Security SIG
   newsletter.


## VMT Bug List
A full list of publicly marked security issues can be found here:
https://bugs.launchpad.net/ossa/
Updates from this week:

   - Security Group filtering hides rules from user Edit:
   https://bugs.launchpad.net/ossa/+bug/1824248


   - This was made public this week, and multiple fixes have been submitted.


   - SQL Injection vulnerability in node_cache:
   https://storyboard.openstack.org/#!/story/2005678


   - Made public this week, multiple fixes have been submitted/merged
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20190524/2193720a/attachment-0001.html>

More information about the openstack-discuss mailing list