Hi Uze,

As an update, all known P1 Security Issues have either been resolved, or have 
pending patches in Gerrit review; see JIRA for updated status:
All Open, In Progress, Assigned and Re-opened Issues with "Security" tag, P1, 
and Fix In Version 
1.3.0<https://jira.iotivity.org/issues/?jql=project%20%3D%20IOT%20AND%20status%20in%20(Open%2C%20%22In%20Progress%22%2C%20Reopened%2C%20Assigned)%20AND%20priority%20%3D%20P1%20AND%20fixVersion%20%3D%20%22IoTivity%201.3.0%22%20AND%20labels%20%3D%20security%20ORDER%20BY%20priority%20DESC%2C%20created%20DESC>

We are waiting on code review and/or Jenkins for 7 of the 8 open issues.  The 
mbedTLS update issue, you already know about.

However it should be noted that there are likely many outstanding issues other 
than these that will prevent OCF 1.0 certification.  I understand it is your 
intention to release 1.3.0 without passing complete CTT, but I wanted to be 
100% clear that there will almost surely be other certification blocking issues 
discovered as CTT and IoTivity bugs are fixed and more of the TCs are running.  
I hope the intention is to release again when complete CTT is passing.

Summary copy/paste from JIRA:


* Bug          IOT-2293  [Security] /oic/sec/acl2 resource is being updated by payload for /oic/sec/acl resource
* Bug          IOT-2292  [Security] 'creds->credusage' property of /oic/sec/cred resource is of string type, expected is array of string in OCF1.0
* Bug          IOT-2281  [Security] /oic/sec/amacl resource is responding for GET request, but not for POST
* Bug          IOT-2280  [Security] /oic/sec/doxm resource unable to update rowneruuid
* Bug          IOT-2271  provisioningclient fails to discover sampleserver_randompin, when using default ACEs
* Bug          IOT-2258  OCCreateResource() must allow Secure *and* Unsecure "ep"
* Bug          IOT-1928  Update mbedtls version before 1.3 release
* Improvement  IOT-1896  Implement privacy mitigation approach for unique identifiers

Thanks,
Nathan