- Dev - mailweb.openeuler.org

答复: [openeuler-security] 安全技术sig例会
by Huxinwei 26 Feb '21

26 Feb '21

Ø 2. openEuler UEFI组件微软签名进展对齐能具体说明下这个进展是什么吗？发件人: zhujianwei (C) [mailto:zhujianwei7@huawei.com] 发送时间: 2021年2月26日 17:12 收件人: dev(a)openeuler.org; tc(a)openeuler.org; openeuler-security(a)openeuler.org 主题: [Tc] 答复: [openeuler-security] 安全技术sig例会会议时间：2021.02.26 参会人员：openEuler sig-security-facility SIG成员，麒麟软件-李蕾、徐叶、于珊珊，统信软件-张少宁会议纪要： 1. openEuler sig-security-facility SIG介绍； 2. openEuler UEFI组件微软签名进展对齐 3. secPaver安全策略管理工具原理介绍及命令行、Web UI功能演示。遗留问题：讨论明确社区签名服务器方案---责任人：朱健伟、颜小兵 From: openEuler conference [mailto:public@openeuler.io] Sent: Thursday, February 25, 2021 2:32 PM To: dev(a)openeuler.org<mailto:dev@openeuler.org>; tc(a)openeuler.org<mailto:tc@openeuler.org>; openeuler-security(a)openeuler.org<mailto:openeuler-security@openeuler.org> Subject: [openeuler-security] 安全技术sig例会您好！ openEuler sig-security-facility SIG 邀请您参加 2021-02-26 14:15 召开的ZOOM会议会议主题：安全技术sig例会会议内容：1 安全启动签名进展汇报 2 secPaver安全策略管理工具介绍 3 其他安全需求讨论会议链接：https://zoom.us/j/96493610614?pwd=RzRBclprb01QTVd4dUlDRDFzTThoZz09 更多资讯尽在：https://openeuler.org/zh/ Hello! openEuler sig-security-facility SIG invites you to attend the ZOOM conference will be held at 2021-02-26 14:15, The subject of the conference is 安全技术sig例会, Summary: 1 安全启动签名进展汇报 2 secPaver安全策略管理工具介绍 3 其他安全需求讨论 You can join the meeting at https://zoom.us/j/96493610614?pwd=RzRBclprb01QTVd4dUlDRDFzTThoZz09. More information<https://openeuler.org/zh/>

1 0

virt SIG 新会议 _ 老会议id冲突
by openEuler conference 26 Feb '21

26 Feb '21

1 0

，Compiler SIG双周例会
by openEuler conference 26 Feb '21

26 Feb '21

2 1

sig-cloudnative双周例会
by openEuler conference 25 Feb '21

25 Feb '21

1 0

openEuler 21.03创新版本 RC1转测试通知
by Xuxiaosong 25 Feb '21

25 Feb '21

转测试计划比原计划有1天延期。请相关责任人最晚于2021-2-27前完成特性进展更新为正常状态。 RC1版本取用路径如下： http://121.36.84.172/dailybuild/openEuler-21.03/openeuler-2021-02-23-17-45-… 欢迎感兴趣的开发者提前获取验证，对于发现的问题请及时以issue的方式反馈给openEuler社区（里程碑选择openEuler 21.03-RC1）。由本次为发布前测试环节，软件版本可能存在重大问题，不建议大规模使用。 Release计划路径 https://gitee.com/openeuler/release-management/blob/master/openEuler-21.03/… Release plan Stange name Begin time End time Kernel update 5.10 2020-10-20 2020-10-30 Key feature collect 2020-10-10 2020-12-15 Kernel freezing 2020-12-21 2020-12-30 Key feature freezing 2021-1-22 2021-1-22 Build beta branch 2021-2-1 2022-2-22 Beta test round 1（we are here） 2021-2-24 2021-3-2 Beta test round 2 2021-3-5 2021-3-11 Beta test round 3 2021-3-15 2021-3-19 Beta test round 4 2021-3-20 2021-3-20 release 2021-3-25 2021-3-26 Feture list 状态说明：discussion(方案讨论，需求未接受)，developing(开发中)，Testing(测试中)，Reject(未纳入版本) no fetur status sig owner 1 openEuler 21.03 support openStack<https://gitee.com/openeuler/release-management/issues/I25Y6B?from=project-i…> developing sig-openstack @joec88<https://gitee.com/joec88> @liksh<https://gitee.com/liksh> 2 openEuler 21.03 support virtualization live migration pro<https://gitee.com/openeuler/release-management/issues/I25ZB1?from=project-i…> Testing sig-virt @alexchen<https://gitee.com/zhendongchen> 3 openEuler 21.03 support StratoVirt function enhancement<https://gitee.com/openeuler/release-management/issues/I25ZH0?from=project-i…> Testing sig-virt @alexchen<https://gitee.com/zhendongchen> 4 openEuler 21.03 support Risc-v virt live migration<https://gitee.com/openeuler/release-management/issues/I25ZF1?from=project-i…> Testing sig-virt @alexchen<https://gitee.com/zhendongchen> 5 openEuler 21.03 support DDE<https://gitee.com/openeuler/release-management/issues/I27TT4?from=project-i…> developing sig-DDE @panchenbo<https://gitee.com/panchenbo> 6 openEuler 21.03 kernel update to version 5.10<https://gitee.com/openeuler/release-management/issues/I27YGU?from=project-i…> Testing sig-kernel @XieXiuQi<https://gitee.com/xiexiuqi> 7 openEuler 21.03 remove python 2 from release<https://gitee.com/openeuler/release-management/issues/I29EV9?from=project-i…> Testing sig-python-modules @yaqiangchen<https://gitee.com/yaqiangchen> 8 openEuler 21.03 support xfce 4.14<https://gitee.com/openeuler/release-management/issues/I29LTB?from=project-i…> developing xfce @dillon_chen<https://gitee.com/dillon_chen> 9 openEuler 21.03 support GNOME 3.38.1<https://gitee.com/openeuler/release-management/issues/I29LTT?from=project-i…> Reject GNOME @dillon_chen<https://gitee.com/dillon_chen> 10 openEuler 21.03 Increase the dependency library of ROS-base<https://gitee.com/openeuler/release-management/issues/I2D19V?from=project-i…> Reject sig-ROS @anchuanxu<https://gitee.com/anchuanxu> 11 openEuler 21.03 support memig<https://gitee.com/openeuler/release-management/issues/I2C2NY?from=project-i…> Testing memig @liuzhiqiang26<https://gitee.com/liuzhiqiang26> 12 openEuler 21.03 support replace vender info<https://gitee.com/openeuler/release-management/issues/I2C2JJ?from=project-i…> Testing Builder @t.feng<https://gitee.com/t.feng> 13 openEuler 21.03 support nvwa<https://gitee.com/openeuler/release-management/issues/I2B057?from=project-i…> Testing sig-ops @EulerOSWander<https://gitee.com/EulerOSWander> 14 openEuler 21.03 support secGear<https://gitee.com/openeuler/release-management/issues/I2B0KY?from=project-i…> Testing sig-confidential-computing @chenmaodong<https://gitee.com/chenmaodong> 15 openEuler 21.03 support RaspberryPi<https://gitee.com/openeuler/release-management/issues/I2CVE3> developing sig-RaspberryPi @woqidaideshi<https://gitee.com/woqidaideshi> 16 openEuler 21.03 support UKUI<https://gitee.com/openeuler/release-management/issues/I2E61C> developing sig-UKUI @dou33<https://gitee.com/dou33> 17 openEuler 21.03 support HA<https://gitee.com/openeuler/release-management/issues/I2E5R3?from=project-i…> developing sig-HA @yangzhao_kl<https://gitee.com/yangzhao_kl> 18 openEuler 21.03 support StratoVirt microvm image<https://gitee.com/openeuler/release-management/issues/I2P83D?from=project-i…> Testing sig-virt @alexchen<https://gitee.com/zhendongchen> 19 openEuler 21.03 support Kubernetes<https://gitee.com/openeuler/release-management/issues/I2CMA0?from=project-i…> Testing sig-cloudnative @jingxiaolu<https://gitee.com/jingxiaolu> 20 openEuler 21.03 support KubeSphere<https://gitee.com/openeuler/release-management/issues/I34L4L> Reject sig-kubesphere @feynmanzhou<https://gitee.com/feynmanzhou> 21 openEuler 21.03 update SPDK<https://gitee.com/openeuler/release-management/issues/I35A62> Testing Storage @liuzhiqiang<https://gitee.com/liuzhiqiang26> 22 openEuler 21.03 update some software<https://gitee.com/openeuler/release-management/issues/I35BTA> Testing release-management @chenyaqiang<https://gitee.com/yaqiangchen> 23 openEuler 21.03 slim container base image<https://gitee.com/openeuler/release-management/issues/I35D25> Testing sig-cloudnative @jingxiaolu<https://gitee.com/jingxiaolu>

1 0

ops sig例会议题收集
by openEuler conference 25 Feb '21

25 Feb '21

1 0

安全技术sig例会
by openEuler conference 25 Feb '21

25 Feb '21

1 0

sig-HA双周例会
by openEuler conference 25 Feb '21

25 Feb '21

1 0

[openeuler-security] 【会议纪要】安全委员会例会2021/2/24
by guoxiaoqi 25 Feb '21

25 Feb '21

【安全委员会例会纪要】轮值主持人：guoxiaoqi 下次主持人：jinjin 与会人：liujingang09, yanxiaobing2020, zhujianwei001，gwei3，guoxiaoqi, jinjin，闫志全，张少宁, wangyue, zhanghua, fanjiachen, wangyiru, lubing, xiujianfeng, 崔雷, wangweiyang, 白光磊, 马德斌, 张建均会议时间：2021年2月24日 16:00－18:00 会议地点：zoom会议会议主题： 1.漏洞感知系统主讲人：闫志全问题：仍然存在误报情况，提升数据准备性需要数据化，自动审核导致的误报需要归总起来；漏洞感知时间需要明确处理时间轴计划：1.系统稳定性：稳定性指标->稳定性方案->方案评审->方案实施->稳定性验证->灾备手册 2. 数据准确性：完善fixversion方案、对缺少startversion进行补充 3.自动审核：仅针对系统无法处理的情况进行人工审核 4.时效性：目标小于24小时计划需要排具体时间，是否有需求需要优先处理稳定性，时效性，误报率，漏报率（持续改进） 2.社区漏洞处理主讲人：guoxiaoqi 月初发布紧急漏洞5个，均为9分以上，达成社区SLA目标月度版本解决漏洞108个，SA 50个，补丁测试中，未发布（预计3月3日发布）遗留CVE评审：jetty CVE-2020-27218 CVE-2019-10241 暂时挂起，和maintainer一起讨论升级策略，持续跟踪 js-jquery1 CVE-2019-11358 CVE-2019-11023 作为衰退软件处理 3.CVE可视化视图方案讨论主讲人：liujingang 背景：今年需要对CVE感知和修复的情况进行度量，对CVE进行可视化管理，度量指标包括：漏洞感知时长、CVS issue首次响应时长、漏洞SA补丁修复时长和漏洞SA发布时长等7个度量指标。方案需细化的问题：人工录入的CVE issue，CVE-manage刷新CVE issue时从NVD中同步CVE首次公开时间。度量维度基于严重级别、sig组、版本分支分类遗留问题：版本维度是通过里程碑或分支？跟release-management团队（胡峰）确认 4.安全委员会准成员以及成员主要工作介绍介绍链接：https://gitee.com/openeuler/security-committee/blob/master/README.md 欢迎新成员崔雷加入openEuler安全委员会！新成员介绍：姓名：崔雷引荐人：刘金刚导师：刘金刚邮箱：cuilei(a)kylinos.cn 所在团队：麒麟软件安全团队ta 安全委员会后续工作改进点：对于不受影响的漏洞，安全委员成员每个发布周期需要去分析，静默修复的CVE补发SA，误报CVE汇总上报软件所。已挂起的漏洞，安全委员会成员持续跟踪。遗留任务：向nvd注册openEuler CPE —— liujingang 5. SA发布流程主讲人：zhangjianjun 检查csv文档是否有更新(时间在发布时间内)->校验组件CVE->issue对应PR->核验数据，生成对应分支的cvrf 下次会议计划时间：2021年3月3日，会议组织：jinjin 会议组织轮值表： liujingang09(a)huawei.com [@liujingang09] yanxiaobing(a)huawei.com [@yanxiaobing2020] zhujianwei7(a)huawei.com [@zhujianwei001] 11015100(a)qq.com [@gwei3] guoxiaoqi2(a)huawei.com [@guoxiaoqi] yanglijin(a)huawei.com [@jinjin] 2021年3月3日

1 0

bisect 交流会议
by openEuler conference 24 Feb '21

24 Feb '21

1 0

2024

2023

2022

2021

2020

2019

Dev