Attendees: ======== Maxime Coquelin (Chair) Thomas Monjalon Bruce Richardson Stephen Hemminger Konstantin Ananyev Aaron Conole Jerin Jacob Hemant Agrawal Morten Brørup
Topics: ====== * Security reports (Thomas) - Discussion on the CVE filing process using Red Hat as CNA. - Maxime will file CVEs for vhost-related vulnerabilities. - Need to identify who handles CVEs for other components (e.g., crypto). - 10 security reports on Marvell drivers; 5-6 already fixed as bugs. * Jerin to follow up with Akhil to reply to reporters. * Discussion on distinguishing bugs vs. security vulnerabilities. - AI-generated security reports are becoming common. * Aaron suggested treating AI-detected issues as public since anyone can run AI tools. * Stephen noted duplicate reports for already-fixed issues. - Vote: Create a Slack channel for security coordination. * Members: Techboard members, release maintainers, and component maintainers as needed. * Vote passed. * Next Step: Thomas will create the Slack channel. * Loongarch Lab (Thomas) - Lab was producing systematic failures and erratic results. - Thomas disabled access to test-report mailing list (reports now in moderation queue). - Next Step: Aaron will raise the issue at the DPDK CI meeting to coordinate with Loongson. * New PTP example (Thomas) - Thomas merged a PTP relay example (ptp_tap_relay_software) without prior Techboard approval. - Concern about naming inconsistency with existing PTP client example. - Stephen will review the example and consider renaming for consistency. * Release update (Thomas) - BPF patches from Marat Khalili have compilation failures when applying patch-by-patch. * Marat will fix the bisect issue. - Ring library patches from Stephen also have compilation failures; Thomas will send details. - Power library patches still to be reviewed for RC1.
