[neutron][security-sig] Bug deputy report August 24 - 30
Slawek Kaplonski
skaplons at redhat.com
Tue Sep 1 16:44:36 UTC 2020
Hi,
On Tue, Sep 01, 2020 at 01:17:53PM +0000, Jeremy Stanley wrote:
> Hopefully it's not a lot of additional work, but the VMT would be
> thrilled if projects would also keep Public Security vulnerability
> reports in mind and try to wrap up any they can. For example, the
> Neutron project on Launchpad has 9 currently unresolved, some opened
> more than 3 years ago:
>
> <URL: https://bugs.launchpad.net/neutron/+bugs?field.searchtext=&orderby=-importance&search=Search&field.status%3Alist=NEW&field.status%3Alist=CONFIRMED&field.status%3Alist=TRIAGED&field.status%3Alist=INPROGRESS&field.status%3Alist=INCOMPLETE_WITH_RESPONSE&field.status%3Alist=INCOMPLETE_WITHOUT_RESPONSE&field.information_type%3Alist=PUBLICSECURITY >
Thx for the link Jeremy. I will check those bugs.
>
> I'm willing to bet at least a few are either fixed now, related to
> deprecated/removed functionality, or simply unreproducible. And if
> they're still real bugs but don't represent an actual exploitable
> vulnerability, that's good to know too (in which case we'd just
> switch them to regular Public bugs so the VMT no longer needs to
> keep track of those).
> --
> Jeremy Stanley
--
Slawek Kaplonski
Principal software engineer
Red Hat
More information about the openstack-discuss
mailing list