forked from haskell/security-advisories
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
a5ee89d
commit 6d0a379
Showing
1 changed file
with
43 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
# SRT 2023-08-23 | ||
|
||
[Previous meeting](https://github.com/haskell/security-advisories/blob/main/meeting-notes/2023-08-09.md) | ||
|
||
Present: | ||
* Gautier | ||
* Mihai | ||
* Casey | ||
* Tristan | ||
* david | ||
|
||
# Previous action items | ||
|
||
|
||
* Bitwarden accounts? | ||
* Mihai and Casey have access and are confirmed | ||
|
||
* Mihai: | ||
|
||
* Progress on embargoed items | ||
* The repo now contains the distribution list for who to send embargoed items to | ||
* Look into GHCup #858 -- still in progress | ||
* Mostly done, need to decide whether to send private email or reply on issue | ||
|
||
* Tristan: rebase the toml-parser PR#88 | ||
* Done, this is now ready to review | ||
|
||
* David: Encourage Pandoc devs to test out our advisory process | ||
* Done: HSEC-2023-0014 | ||
|
||
* FT: Documentation of repo structure | ||
|
||
* FT: Diagnostic output (created file XYZ) | ||
|
||
* FT to publish PR for (currently WIP) enhancement to record package components in HSEC security-advisories | ||
|
||
# HSEC-2023-0014 | ||
|
||
* First advisory contribution: https://github.com/haskell/security-advisories/pull/115 | ||
|
||
# CWE Library | ||
|
||
* Tristan proposed a new library to resolve CWE id and make advisory more readable: https://github.com/haskell/security-advisories/pull/116 |