When and Where
On Sat, 1st Nov 2014, 09:30 - 17:00 hrs in room "Sinhagad" on Level 1 at the Red Hat Pune office.
This Fedora Activity Day is aimed at collaborative triage and fixing of Fedora Security tracking bugs. It is meant for Existing Fedora contributors or folks who want to start contributing in a useful way (not just attend a FAD and then disappear). More details below.
Note:- maximum capacity for the day is about 25 participants.
Attendees
- Huzaifa Sidhpurwala
- Siddhesh
- Niranjan MR
- Siddharth Sharma
- P J P
- Chandan Kumar
- Anand Verma
- Dhriti Shikhar
- Praveen Kumar
- Amit Shah
- Nirupama Karandikar
- Samikshan Bairagya
- Anisha Narang
- Kushal Das
Activities
- We will start with a basic introduction to Fedora Security by P J P and then go on to the process we follow etc [Approx 30-40 mins]
- We will then look at the list of flaws which are open and then pick ones we want to pursue. -> open issues
- Rest of the day goes into actually working on them and figuring out if they can be fixed.
- The owner of those flaws will continue pursing those flaws after the FAD and ensure they get a proper resolution.
- Follow progress on etherpad here http://piratepad.net/SecurityFADPune
Useful links
Status
Proceedings from the Fedora Activity Day on Security:
https://fedoraproject.org/wiki/FAD_Pune_Security_1
Triaging bugs at
Bugs without FST owners:
Please ensure you put your FAS name in the whiteboard of the bugs you are modifying / looking at. Format is "fst_owner=<fasname>" in the Whiteboard.
Siddhesh
https://bugzilla.redhat.com/show_bug.cgi?id=721103 https://bugzilla.redhat.com/show_bug.cgi?id=736321 https://bugzilla.redhat.com/show_bug.cgi?id=751889 https://bugzilla.redhat.com/show_bug.cgi?id=741267 https://bugzilla.redhat.com/show_bug.cgi?id=741268 https://bugzilla.redhat.com/show_bug.cgi?id=808305 https://bugzilla.redhat.com/show_bug.cgi?id=891035 https://bugzilla.redhat.com/show_bug.cgi?id=891034
Niranjan
https://bugzilla.redhat.com/show_bug.cgi?id=1063672 [Set NeedInfo Flag] https://bugzilla.redhat.com/show_bug.cgi?id=1063673 [Set NeedInfo] https://bugzilla.redhat.com/show_bug.cgi?id=958642 https://bugzilla.redhat.com/show_bug.cgi?id=958640
PraveenKumar
https://bugzilla.redhat.com/show_bug.cgi?id=1139625 https://bugzilla.redhat.com/show_bug.cgi?id=1141310 https://bugzilla.redhat.com/show_bug.cgi?id=1141314 https://bugzilla.redhat.com/show_bug.cgi?id=1026280 https://bugzilla.redhat.com/show_bug.cgi?id=1026281 https://bugzilla.redhat.com/show_bug.cgi?id=998783 https://bugzilla.redhat.com/show_bug.cgi?id=1113529 https://bugzilla.redhat.com/show_bug.cgi?id=1113528
Amit
https://bugzilla.redhat.com/show_bug.cgi?id=889305 https://bugzilla.redhat.com/show_bug.cgi?id=1086776
PJP
https://bugzilla.redhat.com/show_bug.cgi?id=864897 https://bugzilla.redhat.com/show_bug.cgi?id=782620 https://bugzilla.redhat.com/show_bug.cgi?id=838162 https://bugzilla.redhat.com/show_bug.cgi?id=851773 https://bugzilla.redhat.com/show_bug.cgi?id=887451
Siddharth
https://bugzilla.redhat.com/show_bug.cgi?id=1031501 [ CVE-2013-6800 / Closed fixed in f19 krb5-1.11.3 ] https://bugzilla.redhat.com/show_bug.cgi?id=1122813 [ CVE-2014-5044 / Needinfo / seems fixed in gcc-4.8.3-7.fc20 ] https://bugzilla.redhat.com/show_bug.cgi?id=1158524 [ CVE-2014-8355 / Shared Upstream Fix / ? needinfo ] https://bugzilla.redhat.com/show_bug.cgi?id=1158520 [ CVE-2014-8354 / Shared Upstream Fix / ? needinfo ] https://bugzilla.redhat.com/show_bug.cgi?id=1035578 [ CVE-2013-6404 / fixed in https://admin.fedoraproject.org/updates/FEDORA-2014-11549/quassel-0.11.0-1.fc20 ] https://bugzilla.redhat.com/show_bug.cgi?id=1156420 [ CVE-2014-8483 / upstream fix / ? needinfo ]
Kushal
* https://bugzilla.redhat.com/show_bug.cgi?id=1061148
Chandankumar
https://bugzilla.redhat.com/show_bug.cgi?id=1115517
Samikshan
https://bugzilla.redhat.com/show_bug.cgi?id=1128152
Blogs and Reports
- http://journal.siddhesh.in/posts/fedora-activity-day-at-pune-towards-a-more-secure-fedora.html
- http://kumar-pravin.blogspot.com/2014/11/fedora-activity-day-fad-on-security.html
- http://log.amitshah.net/2014/11/fedora-activity-day-security-i/
- http://kushaldas.in/posts/fedora-security-fad-on-1st-nov.html