General Meeting/Minutes/2018-12-06

From SPDX Wiki
Jump to: navigation, search
  • Attendance: 4
  • Lead by Gary O'Neall
  • Minutes of Nov meeting approved

Legal Team Report - Paul

  • Linux Kernel Enforcement statement was discussed (and continues to be discussed on the legal mailing list)
    • Discussion on whether to add the statement as an SPDX license "exception"
    • Discussion was well represented with members of the Software Freedom Conservancy and Red Hat present
  • Discussing changing language or term for "exception"
    • Considering "modifier"
    • Language for the current exception is planned to be updated

Tech Team Report - Gary

  • Currently focused on adding security vulnerability information
    • Working with SEVA which has created an XML Schema to represent NIST National Vulnerability Database information
    • Working with NIST and SWID organization to normalize the package information
    • Request was made to make sure we also include remediation information
    • Request was made to include weakness enumeration

Outreach Team Report - All

  • No updates from the outreach team


  • Gary O’Neall, SourceAuditor
  • Mark Atwood, Amazon
  • Paul Maddick, Dimension Data
  • Mark Baushke, Juniper Networks