[openstack-dev] [kolla][security] Obtaining the vulnerability:managed tag

Adam Heczko aheczko at mirantis.com
Tue Mar 1 20:57:24 UTC 2016

Hi Steven,
I'd like to help you with vulnerability management process of Kolla and
become a member of Kolla VMT team.
I have experience and expertise in IT security and related to it processes.

Best regards,


On Tue, Mar 1, 2016 at 5:55 PM, Steven Dake (stdake) <stdake at cisco.com>

> Core reviewers,
> Please review this document:
> https://github.com/openstack/governance/blob/master/reference/tags/vulnerability_managed.rst
> It describes how vulnerability management is handled at a high level for
> Kolla.  When we are ready, I want the kolla delivery repos vulnerabilities
> to be managed by the VMT team.  By doing this, we standardize with other
> OpenStack processes for handling security vulnerabilities.
> The first step is to form a kolla-coresec team, and create a separate
> kolla-coresec tracker.  I have already created the tracker for
> kolla-coresec and the kolla-coresec team in launchpad:
> https://launchpad.net/~kolla-coresec
> https://launchpad.net/kolla-coresec
> I have a history of security expertise, and the PTL needs to be on the
> team as an escalation point as described in the VMT tagging document
> above.  I also need 2-3 more volunteers to join the team.  You can read the
> requirements of the job duties in the vulnerability:managed tag.
> If your interested in joining the VMT team, please respond on this
> thread.  If there are more then 4 individuals interested in joining this
> team, I will form the team from the most active members based upon liberty
> + mitaka commits, reviews, and PDE spent.
> Regards
> -steve
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Adam Heczko
Security Engineer @ Mirantis Inc.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20160301/487f91f7/attachment.html>

More information about the OpenStack-dev mailing list