Date
Attendees
Discussion items
Time | Item | Who | Notes |
---|---|---|---|
5 min | Security Question | Craig McNally | - GitHub alerts when there are known vulnerabilities in a repository... In some cases these have gone ignored for quite some time.<br>- Should the TC mandate that these be addressed in a "timely" manner?<br>- Leave it up to the security team to decide on a case-by-case basis?<br>- Craig McNally will raise for discussion at the next Security Team meeting (Friday)<br>- Review and ensure JIRAs exist for all existing vulnerabilities reported by GitHub<br>- Triage/prioritize each and assign to teams as needed.<br>- Investigate how to manage this better going forward - is there some automated way to get these into JIRA? |
Action items