[Libreoffice-qa] ESC meeting agenda: 2023-09-28 16:00 CEST
Eyal Rozenberg
eyalroz1 at gmx.com
Wed Sep 27 17:31:04 UTC 2023
Hello ESC,
I would like to ask you to discuss the situation with the recent CVE:
https://bugs.documentfoundation.org/show_bug.cgi?id=157231
which potentially affects LibreOffice:
https://bugs.documentfoundation.org/show_bug.cgi?id=157231
Specifically:
1. Please asses the potential effect on LO.
2. Please list the scenarios in which LO may be affected.
3. What capability do we currently have to strongly-encourage users to
update to a secure version (assuming one is available)?
4. What capability do we currently have to force users to update to a
secure version (assuming one is available)?
5. Assuming the answer to (3.) or (4.) is "none" - consider taking a
decision on changing that, with high priority, even if the current CVE
is rarely dangerous for LO users.
6. Assuming the answer to (3.) or (4.) is "some" - please decide whether
to do so, or recommend the board decide to do so etc.
Eyal
On 27/09/2023 18:12, Miklos Vajna wrote:
> Hi,
>
> The prototype agenda is below. Extra items are appreciated either in
> this document or as a reply to this mail:
>
> https://pad.documentfoundation.org/p/esc
>
> You can join using Jitsi here:
>
> https://jitsi.documentfoundation.org/esc
>
> Regards,
>
> Miklos
>
> ---
>
> * Present:
> +
>
> * Completed Action Items:
>
> * Pending Action Items:
> + Try gtk4 local builds, Qt6 local builds (Cloph)
> + review bot: ignore distro branches when adding reviewers (Xisco)
>
> * Release Engineering update (Cloph)
> + 7.6 status:
> + 7.5 status:
>
> * Documentation (Olivier)
> + Bugzilla Documentation statistics
> 272(272) bugs open
> + Updates:
> BZ changes 1 week 1 month 3 months 12 months
> created 6(2) 19(2) 70(1) 298(0)
> commented 6(0) 48(-9) 225(-12) 1079(-15)
> resolved 0(-2) 4(-1) 30(0) 163(-2)
> + top 10 contributors:
> Stéphane Guillou made 16 changes in 1 month, and 341 changes
> in 1 year
> Olivier Hallot made 13 changes in 1 month, and 440 changes in
> 1 year
> Ilmari Lauhakangas made 8 changes in 1 month, and 114 changes
> in 1 year
> Nabet, Julien made 8 changes in 1 month, and 39 changes in 1
> year
> aswath t made 5 changes in 1 month, and 5 changes in 1 year
> Jim Avera made 5 changes in 1 month, and 5 changes in 1 year
> steve made 4 changes in 1 month, and 18 changes in 1 year
> Seth Chaiklin made 4 changes in 1 month, and 306 changes in 1
> year
> Vernon, Stuart Foote made 3 changes in 1 month, and 44
> changes in 1 year
> Heiko Tietze made 2 changes in 1 month, and 107 changes in 1
> year
>
> * UX Update (Heiko)
> + Bugzilla (topicUI) statistics
> 259(259) (topicUI) bugs open, 57(57) (needsUXEval) needs to be
> evaluated by the UXteam
> + Updates:
> BZ changes 1 week 1 month 3 months 12 months
> added 3(2) 14(4) 20(4) 45(2)
> commented 27(-3) 181(-3) 461(15) 2324(-7)
> removed 0(0) 0(0) 1(-1) 20(-4)
> resolved 10(7) 35(5) 86(9) 330(2)
> + top 10 contributors:
> Heiko Tietze made 114 changes in 1 month, and 1385 changes in
> 1 year
> Stéphane Guillou made 45 changes in 1 month, and 468 changes
> in 1 year
> Eyal Rozenberg made 41 changes in 1 month, and 324 changes in
> 1 year
> Kaganski, Mike made 29 changes in 1 month, and 144 changes in
> 1 year
> Dieter made 20 changes in 1 month, and 247 changes in 1 year
> Vernon, Stuart Foote made 19 changes in 1 month, and 405
> changes in 1 year
> ady made 18 changes in 1 month, and 110 changes in 1 year
> Fortin Tam, Jean-François made 11 changes in 1 month, and 16
> changes in 1 year
> Bogdan B made 10 changes in 1 month, and 105 changes in 1 year
> neil made 10 changes in 1 month, and 10 changes in 1 year
>
> * Crash Testing (Caolan)
> + 22(+0) import failure, 0(+0) export failures
> + ??? coverity issues
> + Google / ossfuzz: ?? fuzzers active now
>
> * Crash Reporting (Xisco)
> + 7.6.0.2 105(+1)
> + 7.6.0.3 9755(+1827)
> + 7.6.1.2 3478(+2545)
> + 7.6.2.1 16(+0)
>
> * Mentoring (Hossein)
> committer... 1 week 1 month 3 months 12 months
> open 45(-10) 97(-7) 156(-7) 209(-2)
> reviews 226(-42) 1236(-140) 3408(-12) 11502(4)
> merged 169(-25) 989(-78) 3080(-107)
> 12609(-110)
> abandoned 4(-6) 60(-9) 142(-10) 634(-15)
> own commits 99(34) 657(-17) 2062(13) 9688(-75)
> review commits 35(17) 179(-38) 628(0) 3025(1)
> contributor... 1 week 1 month 3 months 12 months
> open 26(5) 56(11) 91(15) 117(16)
> reviews 498(-44) 2290(-194) 7130(-202)
> 30546(-308)
> merged 13(8) 62(-25) 220(3) 2165(-41)
> abandoned 14(7) 33(10) 205(11) 625(7)
> own commits 18(15) 62(-12) 221(15) 1099(17)
> review commits 0(0) 0(0) 0(0) 0(0)
> + easyHack statistics:
> needsDevEval 8(8) needsUXEval 1(1) cleanup_comments 323(323)
> total 398(398) assigned 24(24) open 349(349)
> + top 10 contributors:
> Stéphane Guillou made 6 patches in 1 month, and 35 patches in
> 1 year
> Srebotnjak, Martin made 4 patches in 1 month, and 20 patches
> in 1 year
> Sahil Gautam made 4 patches in 1 month, and 9 patches in 1 year
> Adam Seskunas made 4 patches in 1 month, and 4 patches in 1 year
> Dan Horák made 4 patches in 1 month, and 4 patches in 1 year
> Bogdan B made 3 patches in 1 month, and 97 patches in 1 year
> Priyadarshi, Apurva made 2 patches in 1 month, and 2 patches
> in 1 year
> Montane, Joan made 2 patches in 1 month, and 2 patches in 1 year
> Bayram Çiçek made 2 patches in 1 month, and 2 patches in 1 year
> Ismael Olea made 2 patches in 1 month, and 2 patches in 1 year
> + top 10 reviewers:
> Caolán McNamara made 152 review comments in 1 month, and 538
> in 1 year
> Xisco Fauli made 94 review comments in 1 month, and 758 in 1
> year
> Thorsten Behrens made 90 review comments in 1 month, and 462
> in 1 year
> Michael Stahl made 86 review comments in 1 month, and 1144 in
> 1 year
> Ilmari Lauhakangas made 76 review comments in 1 month, and
> 398 in 1 year
> Nabet, Julien made 72 review comments in 1 month, and 962 in
> 1 year
> Christian Lohmaier made 72 review comments in 1 month, and
> 408 in 1 year
> Vajna, Miklos made 70 review comments in 1 month, and 894 in
> 1 year
> Kaganski, Mike made 58 review comments in 1 month, and 360 in
> 1 year
> Hossein made 58 review comments in 1 month, and 280 in 1 year
> + big CONGRATULATIONS to contributors who have at least 1 merged
> patch, since last report:
> Ankit Kumar Jaipuriar
> Priyadarshi, Apurva
> t-aswath
> Cosmin Humeniuc (1&1)
> Mihai Vasiliu
>
> * Outreachy (Ilmari)
> + https://www.outreachy.org/ -- Applied with two intern slots
> + Mentor sign up deadline September 29: looking for mentors
> + https://www.outreachy.org/communities/cfp/libreoffice/
> + if you have time to mentor & idea: please speak up now
> + Project timeline is Dec -> March
> + Not looking for mentors at this stage, have 2 projects already
>
> * Commit Access
>
> * Developer Certification (Stephan/Miklos/Thorsten/László)
> + resting since: 20 weeks (limit: 20 weeks)
> + Stephan reached out to some of them
>
> * Jenkins / CI update (Cloph)
>
> * What’s cooking (Miklos)
> + C++20 (Stephan)
> + multi-page floating tables in Writer, see tdf#157119 for details
> (Miklos)
> + JDK bump to 17 (Michael W)
> + https://gerrit.libreoffice.org/c/core/+/155827
> + Right-to-left math layout and other Math improvements (Khaled)
> + Making MissingUnitTests more approachable for new devs (Ilmari)
>
> * QA update (Xisco)
> + UNCONFIRMED: 1178 (+2)
> + enhancements: 284 (+5)
> + needsUXEval: 6 (+1)
> + haveBackTrace: 11 (-1)
> + needsDevAdvice: 35 (+1)
> + documentation: 4 (+1)
> + android: 0 (+0)
> + iOS: 0 (+0)
> + Online: 11 (+0)
>
>
>
> + Most pressing bugs:
> New:
> Old:
> Fixed:
>
>
> + New high severity bugs of the week:
> + Firebird: Saving of data should be done automatically
> + https://bugs.documentfoundation.org/show_bug.cgi?id=117118
>
> + Writer crashes when inserting ODT file containing PDF into
> table in another ODT doc
> + https://bugs.documentfoundation.org/show_bug.cgi?id=155917
> + Michael S?
>
> + Crash in: (anonymous
> namespace)::XFrameImpl::implts_sendFrameActionEvent(com::sun::star::frame::FrameAction const&)
> + https://bugs.documentfoundation.org/show_bug.cgi?id=156648
>
> + Firebird: Automatic saving of data leads to data loss for all
> changes after last pressed "Save"
> + https://bugs.documentfoundation.org/show_bug.cgi?id=157237
> + needs bisecting
>
> * QA stats (Stéphane)
> +
> https://bugs.documentfoundation.org/page.cgi?id=weekly-bug-summary.html
> +123 -19 (-105) overall)
> many thanks to the top bug squashers:
> QA Administrators 16
> Stéphane Guillou (stragu) 10
> Buovjaga 8
> Kira Tubo 7
> خالد حسني 7
> Heiko Tietze 6
> Julien Nabet 5
> Miklos Vajna 4
> m.a.riosv 4
> BogdanB 3
>
> + top 10 bugs reporters:
> Samuel Mehrbrodt (allotropia) 6
> Callegar 2
> Dan Dascalescu 2
> Eyal Rozenberg 2
> Gabor Kelemen (allotropia) 2
> Gabriele Ponzo 2
> Gilward Kukel 2
> Kira Tubo 2
> Mike Kaganski 2
> Paul Millar 2
>
> + top 10 bugs fixers:
> خالد حسني 6
> Heiko Tietze 4
> Vajna, Miklos 4
> Caolán McNamara 3
> Nabet, Julien 3
> Patrick Luby 3
> Xisco Fauli 2
> Andreas Heinisch 1
> Kaganski, Mike 1
> Michael Stahl 1
>
> + top 10 bugs confirmers:
> m.a.riosv 20
> Ilmari Lauhakangas 14
> Stéphane Guillou 12
> Heiko Tietze 7
> Raal 4
> Bogdan B 3
> Dieter 3
> Kira Tubo 3
> Nabet, Julien 3
> Robert Großkopf 3
>
>
> * Bisected bugs open: keyword 'bisected'
> + more accurate - down to a single commit.
> + http://bit.ly/2dyIfDy
> +
>
> done by:
> Kira Tubo 4
> Stéphane Guillou 4
> Ilmari Lauhakangas 2
> Bogdan B 1
> Sophie Sipasseuth 1
> Timur 1
>
>
> * Bibisected bugs open: keyword 'bibisected'
> + http://bit.ly/2cSCXlS
> +
>
> done by:
> Kira Tubo 5
> Bogdan B 4
> Stéphane Guillou 4
> Nabet, Julien 2
> Sophie Sipasseuth 1
> Timur 1
>
>
> * all bugs tagged with 'regression'
> + 1207(+22) bugs open of 12824(+33) total 13(+0) high prio.
>
> done by:
> Kira Tubo 14
> m.a.riosv 2
> Stéphane Guillou 2
> ady 1
> Bogdan B 1
> Ilmari Lauhakangas 1
> Alex Thurgood 1
> Rafael Lima 1
> Robert Großkopf 1
>
>
> * ~Component count net * high severity regressions
> + http://bit.ly/1HWHb3E
> Writer - 8(+0)
> Calc - 3(+0)
> LibreOffice - 1(+0)
> Printing and PDF export - 1(+0)
>
> by OS:
> All - 9(+0)
> Linux - 2(+0)
> Mac OS X - 0(+0)
> Windows - 2(+0)
>
>
> * ~Component count net * all regressions
> + http://bit.ly/1BUdI8i
> Writer: other - 418(+5)
> Calc - 226(+3)
> Impress - 134(+3)
> LibreOffice - 49(+1)
> Draw - 47(+3)
> Crashes - 45(+1)
> Base - 42(+0)
> Writer: docx filter - 41(+0)
> Borders - 36(+1)
> UI - 35(+3)
> Writer: perf - 33(+0)
> Writer: other filter - 31(+0)
> Printing and PDF export - 25(+1)
> RTL - 23(+0)
> Chart - 22(+0)
> BASIC - 17(+0)
> filters and storage - 17(+1)
> Writer: doc filter - 15(+0)
> graphics stack - 12(+0)
> Formula Editor - 5(+1)
> framework - 4(+0)
> Extensions - 2(+0)
> sdk - 2(+0)
> Linguistic - 1(+0)
More information about the Libreoffice-qa
mailing list