Security Working Group meeting 2021-12-22 - results
jrey at linux.ibm.com
Thu Dec 23 05:52:57 AEDT 2021
The OpenBMC security working group held a meeting today. (Sorry I
missed sending a meeting announcement.) We discussed the projects
progress toward becoming CVE Numbering Authority (CNA) with Mitre.
Meeting held 2021-12-22:
Attendance: Joseph R, James M, Dhananjay P
This meeting had low attendance because of the holiday season.
1 CVE Numbering Authority (CNA) onboarding
The CNA training session was held. We are working on the homework now
(creating dummy CVEs). We found this tool easy to use: vulnogram.github.io
TODO: Document new procedures and guidance for the OpenBMC Security
Response Team to follow when working as a CNA.
TODO: Create a test issue under
And see if it leaks out into public communication channels, then start
writing up old vulnerabilities.
More information about the openbmc