zoom bridge: https://zoom.us/j/283628617
Duration 60 minutes
Duration | Agenda Item | Requested by | Notes / Links |
---|---|---|---|
START RECORDING | |||
30min | Dublin end game plans RC2 - May 30th (Euro holiday) Sign-off - June 6th | RC1 Follow-up: Deliverables for RCx Milestone Checklist Template !!! PTLs to provide latest RELEASE Images ASAP, especially if you made changes post-RC0 !!!
Please provide your RC2 checklist no later than May 29th 11am PST- thank you | |
10min | CII badging and vulnerability disclosure | Call to action: Update you CII badging info Pawel created a ticket to improve readthedoc, working with Sofia accordingly (SECCOM): provide template for PTLs to report their security/vulnerability issues including rules for exposing ports outside the cluster #2 CII badging - e-mail sent to PTLs & Security #2.1 SO is ok to be reviewed by Security #2.2. another few projects still need to complete their items | |
10 min | El Alto security priorities | Paweł Pawlak | Key components versioning, recommendations after known vulnerabilities analysis, follow-up with fixes related to OJSI tickets, ONAP communication matrix #3.1 Work in progress. Natacha is working on a proposition to be presented during ONAP DDF in Sweden Additional recommendations from Security about K8S, Tomcat, Alpine, etc. should be defined for the incoming releases so each project will have a common OS, common open source strategy #3.2 OSJI tickets - interaction with PTLs is required - Please have a look at them asap Holmes, Logging, Portal, UUI, VFC, VNFSDK - vulnerability table OOM - CII Badging - now updated #3.3 Other item: Early disclosure to Operators has been approved by TSC. In the future, audience could be reviewed - SECCOM to assess Any TUESDAY, feel free to join SECCOM if you have any suggestion |
...