Past couple weeks were a bit slow, but this week has some updates! #Date: 19 Sept 2019 - Security SIG Meeting Info: http://eavesdrop.openstack.org/#Security_SIG_meeting - Weekly on Thursday at 1500 UTC in #openstack-meeting - Agenda: https://etherpad.openstack.org/p/security-agenda - https://security.openstack.org/ - https://wiki.openstack.org/wiki/Security-SIG #Meeting Notes - Summary: http://eavesdrop.openstack.org/meetings/security/2019/security.2019-09-19-15.00.html - Discussed the recently public big here: https://bugs.launchpad.net/horizon/+bug/1842930 - Current path forward is to clear up documentation to warn about this and provide info about caching settings. - nickthetait is currently working on https://bugs.launchpad.net/ossp-security-documentation/+bug/1703353 - Will create a page describing the usage and functionality of the audit middleware & CADF notifications #VMT Reports - A full list of publicly marked security issues can be found here: https://bugs.launchpad.net/ossa/ - Deleted user still can delete volumes in Horizon: https://bugs.launchpad.net/horizon/+bug/1842930 -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20190919/aa4abdb8/attachment.html>