Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implications of xz Backdoor #652

Open
jmertic opened this issue Apr 3, 2024 · 4 comments
Open

Implications of xz Backdoor #652

jmertic opened this issue Apr 3, 2024 · 4 comments
Labels
4-tac-meeting-short Short agenda item for the TAC meeting ( 5 minutes or less )

Comments

@jmertic
Copy link
Contributor

jmertic commented Apr 3, 2024

As requested by @lgritz - short discussion on the implications for our projects.

Reading materials:

@jmertic jmertic added the 4-tac-meeting-short Short agenda item for the TAC meeting ( 5 minutes or less ) label Apr 3, 2024
@jmertic jmertic moved this to Upcoming Meeting Agenda Items in Academy Software Foundation TAC Meeting Agenda Apr 3, 2024
@jmertic jmertic moved this from Upcoming Meeting Agenda Items to Next Meeting Agenda Items in Academy Software Foundation TAC Meeting Agenda Apr 15, 2024
@jmertic
Copy link
Contributor Author

jmertic commented Apr 17, 2024

@lgritz
Copy link
Contributor

lgritz commented Apr 17, 2024

4/22 maybe?

@jmertic
Copy link
Contributor Author

jmertic commented Apr 18, 2024

🤦 - good catch @lgritz . Fixed now

@jmertic jmertic moved this from Next Meeting Agenda Items to Upcoming Meeting Agenda Items in Academy Software Foundation TAC Meeting Agenda Apr 18, 2024
@jmertic
Copy link
Contributor Author

jmertic commented Apr 23, 2024

Meeting held 4/22 - notes at https://hackmd.io/19JjhwdVTOqyWGBxVVxiPg?both#Meeting-notes-2024-04-22

Recommended actions from the group:

  • Develop guidelines for projects for considering new maintainers and managing existing maintainers.
  • Assessment of hardware/software environments where projects don't have the resources/expertise to adequately review incoming PRs ( namely Windows support, but also specialty architectures and GPUs ).
  • Take Cary's list ( https://wiki.aswf.io/display/OEXR/OpenEXR+Project+Security+Hardening+Steps ) and build specific docs for project leads to follow to implement. Also, hold office hours for project leads to work with someone to help set it up.
  • Develop a policy for accepting binary blobs.

@jmertic jmertic moved this from Upcoming Meeting Agenda Items to Next Meeting Agenda Items in Academy Software Foundation TAC Meeting Agenda May 13, 2024
@jmertic jmertic moved this from Next Meeting Agenda Items to Upcoming Meeting Agenda Items in Academy Software Foundation TAC Meeting Agenda May 15, 2024
@jmertic jmertic moved this from Upcoming Meeting Agenda Items to Next Meeting Agenda Items in Academy Software Foundation TAC Meeting Agenda May 17, 2024
@jmertic jmertic moved this from Next Meeting Agenda Items to Upcoming Meeting Agenda Items in Academy Software Foundation TAC Meeting Agenda Jul 22, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
4-tac-meeting-short Short agenda item for the TAC meeting ( 5 minutes or less )
Projects
Development

No branches or pull requests

2 participants