Zoom bridge: https://zoom.us/j/283628617?pwd=aWM3WjliUkFtcGFPUEdEMStIRll1UT09 passcode: 248130
PTL Recordings
Antitrust Policy Notice
- Full Policy

We will start our meetings by mentioning the project's Antitrust Policy, which you can find linked from the LF and project websites. The policy is important where multiple companies, including potential industry competitors, are participating in meetings. Please review and if you have any questions, please contact your company legal counsel. Members of the LF may contact Andrew Updegrove at the firm Gesmer Updegrove LLP, which provides legal counsel to the LF.

Agenda

START RECORDING

Agenda Item	Requested by	Notes / Links

Agenda Item	Requested by	Notes / Links
Cross-project discussions	@Kenny Paul (Deactivated)	Code scans now conducted by a third party, Source Auditor (Jeff Shapiro) Announcement First code scan results from Source Auditor
Subcommittee Updates for PTLs	@Paweł Pawlak @Amy Zwarico	Log4j upgrade vulnerability recommendation. CentOS version used by ONAP community. @David McBride file ticket with LFIT to determine whether Nexus IQ scans are only looking for the string 'log4j". Could we be missing instances of log4j where this string is not included in the file header? Filed ticket IT-23420 What about VID (unmaintained)? Any dependencies? Currently failing build.
IF TIME ALLOWS ....
Release status	@David McBride	Istanbul Maintenance Release (highest priority) The TSC agreed on Dec 16 that mediation of the log4j CVE is the highest priority for ONAP This will include an Istanbul Maintenance release as soon as possible Due to the urgency of the log4j issue, PTLs should avoid including any additional changes that might delay completion of the maintenance release The release name, 'Istanbul Maintenance Release 1' has been created in Jira. Please assign this release name to the "Fix Version" field for issues for the maintenance release. Jakarta release No changes to the Jakarta schedule due to the log4j issue for now. We will monitor progress and re-evaluate as we get closer to M2 in January. M2 scheduled for Jan 27 M2 issues were published Jan 10 M2 includes a new task for PTL's to color code the Impact View per Component page Arch review task expanded to include discussion of inter-project dependencies
Upcoming Events	@Kenny Paul (Deactivated)	LF's Diversity, Equity & Inclusion report Holiday Schedule: TSC meetings canceled for Dec 23 & 30th. PTL meetings canceled for Dec 27 & Jan 3 LFN Developer and Testing Forum, Jan. 10-13, 2022 (4h topics + 30 mins break)/day , Virtual Event Registration: https://community.lfnetworking.org/events/details/linux-foundation-lfn-developer-testing-forums-presents-lfn-developer-testing-forum-january-2022/ Sessions Page ONAP Community Program Committee Leads: @Ranny Haiby , @Timo Perala - Thank you No TSC or PTL meetings during the week of DTF. Please cancel your team meetings as well Open Networking & Edge Executive Forum (ONEEF) Q1/Q2 Virtual LFN Developer & Testing Forum, Week of June 13th 2022 Physical Event Porto, Portugal
Remaining Action Items

Zoom Chat Log

06:22:03 From Muddasar to Everyone:
https://www.businesswire.com/news/home/20211216005779/en/JFrog-Releases-OSS-Tools-to-Identify-Log4j-Utilization-in-Both-Binaries-Source-Code
06:22:21 From Muddasar to Everyone:
https://github.com/jfrog/log4j-tools
06:45:57 From Bob Heinemann to Everyone:
happy holidays

PTL 2021-12-20

Agenda

Zoom Chat Log