<div dir="ltr">So I wrote the newsletter for last week, but forgot to send out the actual email, so this week will have double the content!<div><br></div><div><div id="gmail-magicdomid29" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><h3 style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px;line-height:1.5em">#Week of: 20 June 2019</span></h3></div><div id="gmail-magicdomid30" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet1" style="margin:0px 0px 0px 1.5em;padding:0px"><li style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px">Security SIG Meeting Info: </span><span class="gmail-url" style="margin:0px;padding:1px 0px"><a href="http://eavesdrop.openstack.org/#Security_SIG_meeting" style="margin:0px;padding:0px;white-space:pre-wrap">http://eavesdrop.openstack.org/#Security_SIG_meeting</a></span></li></ul></div><div id="gmail-magicdomid31" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet2" style="margin:0px 0px 0px 3em;padding:0px;list-style-type:circle"><li style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px">Weekly on Thursday at 1500 UTC in #openstack-meeting</span></li></ul></div><div id="gmail-magicdomid32" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet2" style="margin:0px 0px 0px 3em;padding:0px;list-style-type:circle"><li style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px">Agenda: </span><span class="gmail-url" style="margin:0px;padding:1px 0px"><a href="https://etherpad.openstack.org/p/security-agenda" style="margin:0px;padding:0px;white-space:pre-wrap">https://etherpad.openstack.org/p/security-agenda</a></span></li></ul></div><div id="gmail-magicdomid33" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet1" style="margin:0px 0px 0px 1.5em;padding:0px"><li style="margin:0px;padding:0px"><span class="gmail-url" style="margin:0px;padding:1px 0px"><a href="https://security.openstack.org/" style="margin:0px;padding:0px;white-space:pre-wrap">https://security.openstack.org/</a></span></li></ul></div><div id="gmail-magicdomid34" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet1" style="margin:0px 0px 0px 1.5em;padding:0px"><li style="margin:0px;padding:0px"><span class="gmail-url" style="margin:0px;padding:1px 0px"><a href="https://wiki.openstack.org/wiki/Security-SIG" style="margin:0px;padding:0px;white-space:pre-wrap">https://wiki.openstack.org/wiki/Security-SIG</a></span></li></ul></div><div id="gmail-magicdomid35" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><h3 style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px;line-height:1.5em">#Meeting Notes</span></h3></div><div id="gmail-magicdomid36" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet1" style="margin:0px 0px 0px 1.5em;padding:0px"><li style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px">Summary: </span><span class="gmail-url" style="margin:0px;padding:1px 0px"><a href="http://eavesdrop.openstack.org/meetings/security/2019/security.2019-06-20-15.01.html" style="margin:0px;padding:0px;white-space:pre-wrap">http://eavesdrop.openstack.org/meetings/security/2019/security.2019-06-20-15.01.html</a></span></li></ul></div><div id="gmail-magicdomid37" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet1" style="margin:0px 0px 0px 1.5em;padding:0px"><li style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px">This week we discussed cleaning up the <a href="http://security.openstack.org">security.openstack.org</a> page</span></li></ul></div><div id="gmail-magicdomid38" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet2" style="margin:0px 0px 0px 3em;padding:0px;list-style-type:circle"><li style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px">Overall there are many outdated sections, we came up with a current rough plan that is outlined in the security-agenda notes for this week's meeting</span></li></ul></div><div id="gmail-magicdomid39" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet1" style="margin:0px 0px 0px 1.5em;padding:0px"><li style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px">Retiring Syntribos</span></li></ul></div><div id="gmail-magicdomid40" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet2" style="margin:0px 0px 0px 3em;padding:0px;list-style-type:circle"><li style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px">On the topic of cleaning up the <a href="http://security.openstack.org">security.openstack.org</a> page, one section is security tools, which currently lists bandit and syntribos.</span></li></ul></div><div id="gmail-magicdomid41" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet2" style="margin:0px 0px 0px 3em;padding:0px;list-style-type:circle"><li style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px">Looking at the Syntribos repo, it seems like lately there's only been changes related to doc fixes and overall zuul updates, with a couple actual updates to the project.</span></li></ul></div><div id="gmail-magicdomid42" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet2" style="margin:0px 0px 0px 3em;padding:0px;list-style-type:circle"><li style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px">If there's anyone still with interest in updating/using Syntribos, please reach out to us.</span></li></ul></div><div id="gmail-magicdomid43" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><h3 style="margin:0px;padding:0px"><br style="margin:0px;padding:0px"></h3></div><div id="gmail-magicdomid44" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><h3 style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px;line-height:1.5em">## News</span></h3></div><div id="gmail-magicdomid45" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet1" style="margin:0px 0px 0px 1.5em;padding:0px"><li style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px">[nova] TPM thread: </span><span class="gmail-url" style="margin:0px;padding:1px 0px"><a href="http://lists.openstack.org/pipermail/openstack-discuss/2019-June/007258.html" style="margin:0px;padding:0px;white-space:pre-wrap">http://lists.openstack.org/pipermail/openstack-discuss/2019-June/007258.html</a></span></li></ul></div><div id="gmail-magicdomid46" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><br style="margin:0px;padding:0px"></div><div id="gmail-magicdomid47" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><h3 style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px;line-height:1.5em"># VMT Reports</span></h3></div><div id="gmail-magicdomid48" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet1" style="margin:0px 0px 0px 1.5em;padding:0px"><li style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px">A full list of publicly marked security issues can be found here: </span><span class="gmail-url" style="margin:0px;padding:1px 0px"><a href="https://bugs.launchpad.net/ossa/" style="margin:0px;padding:0px;white-space:pre-wrap">https://bugs.launchpad.net/ossa/</a></span></li></ul></div><div id="gmail-magicdomid49" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet1" style="margin:0px 0px 0px 1.5em;padding:0px"><li style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px">No new public security bugs this week</span></li></ul></div><div id="gmail-magicdomid50" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><br style="margin:0px;padding:0px"></div><div id="gmail-magicdomid51" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><span class="gmail-" style="margin:0px;padding:1px 0px">========================================================================================================</span></div><div id="gmail-magicdomid52" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><br style="margin:0px;padding:0px"></div><div id="gmail-magicdomid53" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><h3 style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px;line-height:1.5em">#Week of: 13 June 2019</span></h3></div><div id="gmail-magicdomid54" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet1" style="margin:0px 0px 0px 1.5em;padding:0px"><li style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px">Security SIG Meeting Info: </span><span class="gmail-url" style="margin:0px;padding:1px 0px"><a href="http://eavesdrop.openstack.org/#Security_SIG_meeting" style="margin:0px;padding:0px;white-space:pre-wrap">http://eavesdrop.openstack.org/#Security_SIG_meeting</a></span></li></ul></div><div id="gmail-magicdomid55" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet2" style="margin:0px 0px 0px 3em;padding:0px;list-style-type:circle"><li style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px">Weekly on Thursday at 1500 UTC in #openstack-meeting</span></li></ul></div><div id="gmail-magicdomid56" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet2" style="margin:0px 0px 0px 3em;padding:0px;list-style-type:circle"><li style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px">Agenda: </span><span class="gmail-url" style="margin:0px;padding:1px 0px"><a href="https://etherpad.openstack.org/p/security-agenda" style="margin:0px;padding:0px;white-space:pre-wrap">https://etherpad.openstack.org/p/security-agenda</a></span></li></ul></div><div id="gmail-magicdomid57" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet1" style="margin:0px 0px 0px 1.5em;padding:0px"><li style="margin:0px;padding:0px"><span class="gmail-url" style="margin:0px;padding:1px 0px"><a href="https://security.openstack.org/" style="margin:0px;padding:0px;white-space:pre-wrap">https://security.openstack.org/</a></span></li></ul></div><div id="gmail-magicdomid58" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet1" style="margin:0px 0px 0px 1.5em;padding:0px"><li style="margin:0px;padding:0px"><span class="gmail-url" style="margin:0px;padding:1px 0px"><a href="https://wiki.openstack.org/wiki/Security-SIG" style="margin:0px;padding:0px;white-space:pre-wrap">https://wiki.openstack.org/wiki/Security-SIG</a></span></li></ul></div><div id="gmail-magicdomid59" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><h3 style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px;line-height:1.5em">#Meeting Notes</span></h3></div><div id="gmail-magicdomid60" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet1" style="margin:0px 0px 0px 1.5em;padding:0px"><li style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px">Summary: </span><span class="gmail-url" style="margin:0px;padding:1px 0px"><a href="http://eavesdrop.openstack.org/meetings/security/2019/security.2019-06-13-15.01.html" style="margin:0px;padding:0px;white-space:pre-wrap">http://eavesdrop.openstack.org/meetings/security/2019/security.2019-06-13-15.01.html</a></span></li></ul></div><div id="gmail-magicdomid61" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet1" style="margin:0px 0px 0px 1.5em;padding:0px"><li style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px">This week we finalized the details and settings for the [openstack-security] mailing list. The list will be used to provide purely automated notifications about security-related changes and bug reports within OpenStack.  Anyone looking to reach out to the security SIG can either use the [openstack-discuss] mailing list or use the #openstack-security channel on freenode IRC.</span></li></ul></div><div id="gmail-magicdomid62" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><h3 style="margin:0px;padding:0px"><br style="margin:0px;padding:0px"></h3></div><div id="gmail-magicdomid63" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><h3 style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px;line-height:1.5em">## News</span></h3></div><div id="gmail-magicdomid64" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet1" style="margin:0px 0px 0px 1.5em;padding:0px"><li style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px">Storyboard: The security team autoassignment feature landed</span></li></ul></div><div id="gmail-magicdomid65" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet2" style="margin:0px 0px 0px 3em;padding:0px;list-style-type:circle"><li style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px">If a new story is marked as "security" upon creation, it will automatically become private, however it can be edited to become public after it is created.</span></li></ul></div><div id="gmail-magicdomid66" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><h3 style="margin:0px;padding:0px"><br style="margin:0px;padding:0px"></h3></div><div id="gmail-magicdomid67" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><h3 style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px;line-height:1.5em"># VMT Reports</span></h3></div><div id="gmail-magicdomid68" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet1" style="margin:0px 0px 0px 1.5em;padding:0px"><li style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px">A full list of publicly marked security issues can be found here: </span><span class="gmail-url" style="margin:0px;padding:1px 0px"><a href="https://bugs.launchpad.net/ossa/" style="margin:0px;padding:0px;white-space:pre-wrap">https://bugs.launchpad.net/ossa/</a></span></li></ul></div><div id="gmail-magicdomid69" class="gmail-ace-line" style="margin:0px;padding:0px;color:rgb(0,0,0);font-family:"Helvetica Neue",Arial,sans-serif;font-size:12px"><ul class="gmail-list-bullet1" style="margin:0px 0px 0px 1.5em;padding:0px"><li style="margin:0px;padding:0px"><span class="gmail-" style="margin:0px;padding:1px 0px">No new public security bugs this week</span></li></ul></div></div></div>