From Fedora Project Wiki

Line 96: Line 96:
Siddharth
Siddharth


     https://bugzilla.redhat.com/show_bug.cgi?id=1031501  
     https://bugzilla.redhat.com/show_bug.cgi?id=1031501 [ CVE-2013-6800 / Closed fixed in f19 krb5-1.11.3 ]
 
     https://bugzilla.redhat.com/show_bug.cgi?id=1122813 [ CVE-2014-5044 / Needinfo / seems fixed in gcc-4.8.3-7.fc20 ]
    [ CVE-2013-6800 / Closed fixed in f19 krb5-1.11.3 ]
     https://bugzilla.redhat.com/show_bug.cgi?id=1158524 [ CVE-2014-8355 / Shared Upstream Fix / ? needinfo ]
 
     https://bugzilla.redhat.com/show_bug.cgi?id=1158520 [ CVE-2014-8354 / Shared Upstream Fix / ? needinfo ]
     https://bugzilla.redhat.com/show_bug.cgi?id=1122813  
     https://bugzilla.redhat.com/show_bug.cgi?id=1035578 [ CVE-2013-6404 / fixed in https://admin.fedoraproject.org/updates/FEDORA-2014-11549/quassel-0.11.0-1.fc20 ]
 
     https://bugzilla.redhat.com/show_bug.cgi?id=1156420 [ CVE-2014-8483 / upstream fix / ? needinfo ]
    [ CVE-2014-5044 / Needinfo / seems fixed in gcc-4.8.3-7.fc20 ]
 
     https://bugzilla.redhat.com/show_bug.cgi?id=1158524  
 
    [ CVE-2014-8355 / Shared Upstream Fix / Set to needinfo ]
 
     https://bugzilla.redhat.com/show_bug.cgi?id=1158520  
 
    [ CVE-2014-8354 / Shared Upstream Fix / Set to needinfo ]
 
     https://bugzilla.redhat.com/show_bug.cgi?id=1035578  
 
    - CVE-2013-6404
    - fixed in https://admin.fedoraproject.org/updates/FEDORA-2014-11549/quassel-0.11.0-1.fc20
 
     https://bugzilla.redhat.com/show_bug.cgi?id=1156420
 
    -CVE-2014-8483
    -redirected to upstream fix / needinfo


Kushal
Kushal

Revision as of 13:17, 1 November 2014

When and Where

On Sat, 1st Nov 2014, 09:30 - 17:00 hrs in room "Sinhagad" on Level 1 at the Red Hat Pune office.

This Fedora Activity Day is aimed at collaborative triage and fixing of Fedora Security tracking bugs. It is meant for Existing Fedora contributors or folks who want to start contributing in a useful way (not just attend a FAD and then disappear). More details below.

Note:- maximum capacity for the day is about 25 participants.

Attendees

Note
Feel free to add your name here

Activities

  • We will start with a basic introduction to Fedora Security by P J P and then go on to the process we follow etc [Approx 30-40 mins]
  • We will then look at the list of flaws which are open and then pick ones we want to pursue. -> open issues
  • Rest of the day goes into actually working on them and figuring out if they can be fixed.
  • The owner of those flaws will continue pursing those flaws after the FAD and ensure they get a proper resolution.
  • Follow progress on etherpad here http://piratepad.net/SecurityFADPune

Useful links

Status

Proceedings from the Fedora Activity Day on Security:

https://fedoraproject.org/wiki/FAD_Pune_Security_1

Triaging bugs at

https://bugzilla.redhat.com/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&classification=Fedora&keywords=Security&keywords_type=allwords&list_id=2966595

Bugs without FST owners:

https://bugzilla.redhat.com/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&classification=Fedora&keywords=Security&keywords_type=allwords&list_id=2966620&query_format=advanced&status_whiteboard=fst_owner&status_whiteboard_type=notregexp

Please ensure you put your FAS name in the whiteboard of the bugs you are modifying / looking at. Format is "fst_owner=<fasname>" in the Whiteboard.

Siddhesh

   https://bugzilla.redhat.com/show_bug.cgi?id=721103
   https://bugzilla.redhat.com/show_bug.cgi?id=736321
   https://bugzilla.redhat.com/show_bug.cgi?id=751889
   https://bugzilla.redhat.com/show_bug.cgi?id=741267
   https://bugzilla.redhat.com/show_bug.cgi?id=741268
   https://bugzilla.redhat.com/show_bug.cgi?id=808305
   https://bugzilla.redhat.com/show_bug.cgi?id=891035
   https://bugzilla.redhat.com/show_bug.cgi?id=891034

Niranjan

   https://bugzilla.redhat.com/show_bug.cgi?id=1063672 [Set NeedInfo Flag]
   https://bugzilla.redhat.com/show_bug.cgi?id=1063673 [Set NeedInfo]
   https://bugzilla.redhat.com/show_bug.cgi?id=958642
   https://bugzilla.redhat.com/show_bug.cgi?id=958640

PraveenKumar

   https://bugzilla.redhat.com/show_bug.cgi?id=1139625
   https://bugzilla.redhat.com/show_bug.cgi?id=1141310
   https://bugzilla.redhat.com/show_bug.cgi?id=1141314
   https://bugzilla.redhat.com/show_bug.cgi?id=1026280
   https://bugzilla.redhat.com/show_bug.cgi?id=1026281
   https://bugzilla.redhat.com/show_bug.cgi?id=998783
   https://bugzilla.redhat.com/show_bug.cgi?id=1113529
   https://bugzilla.redhat.com/show_bug.cgi?id=1113528

Amit

   https://bugzilla.redhat.com/show_bug.cgi?id=889305
   https://bugzilla.redhat.com/show_bug.cgi?id=1086776

PJP

   https://bugzilla.redhat.com/show_bug.cgi?id=864897
   https://bugzilla.redhat.com/show_bug.cgi?id=782620
   https://bugzilla.redhat.com/show_bug.cgi?id=838162
   https://bugzilla.redhat.com/show_bug.cgi?id=851773
   https://bugzilla.redhat.com/show_bug.cgi?id=887451

Siddharth

   https://bugzilla.redhat.com/show_bug.cgi?id=1031501 [ CVE-2013-6800 / Closed fixed in f19 krb5-1.11.3 ]
   https://bugzilla.redhat.com/show_bug.cgi?id=1122813 [ CVE-2014-5044 / Needinfo / seems fixed in gcc-4.8.3-7.fc20 ]
   https://bugzilla.redhat.com/show_bug.cgi?id=1158524 [ CVE-2014-8355 / Shared Upstream Fix / ? needinfo ]
   https://bugzilla.redhat.com/show_bug.cgi?id=1158520 [ CVE-2014-8354 / Shared Upstream Fix / ? needinfo ]
   https://bugzilla.redhat.com/show_bug.cgi?id=1035578 [ CVE-2013-6404 / fixed in https://admin.fedoraproject.org/updates/FEDORA-2014-11549/quassel-0.11.0-1.fc20 ]
   https://bugzilla.redhat.com/show_bug.cgi?id=1156420 [ CVE-2014-8483 / upstream fix / ? needinfo ]

Kushal

* https://bugzilla.redhat.com/show_bug.cgi?id=1061148

Chandankumar

   https://bugzilla.redhat.com/show_bug.cgi?id=1115517

Samikshan

   https://bugzilla.redhat.com/show_bug.cgi?id=1128152

Blogs and Reports

Photos