Security Project Meeting 2008-07-14 19:00 UTC

1.  Agenda

1. Project status
   • Short overview of the current status of the Gentoo Security Project
2. Recruitment
   • What can be done to improve the current situation?
3. Delays in bug resolution/GLSA publication
   • Where are the delays located and what can be done about them?
4. GLSA related issues
   1. New date format in GLSAs
   2. Slot support
5. Handling of CVE identifiers in bugs
   • Define a way/ways to specify CVE ids in bugs (title/alias/...).
   • Documentation is needed on how to search for CVE ids.
   • CVE Compatibility
6. Possible changes to the Vulnerability Policy
   1. Insecure creation of temporary files
   2. SQL Injection
7. Security support for games
   • Should games be fully security-supported or be handled in a different way than other packages?
8. Any other topic

2.  Summary and log

• Summary
• Log