Agenda: Meeting #44 on Programming Language Vulnerabilities, April 15-16 2016

Document ISO/IEC/JTC 1/SC 22/WG 23 N0763

Minutes of Meeting #52 pre-meeting telecon
ISO/IEC JTC 1/SC 22/WG23
20 November 2017

Meeting Location : WebEx

Agenda

1 Opening activities

1.1 Opening Comments

1.2 Introduction of Participants/Roll Call

Stephen Michell

Tullio Vardanega

Clive Pygott

Paul Preney

Erhard Ploedereder

1.3 Procedures for this Meeting

1.4 Approval of previous Minutes of meeting 51 (N0759)

1.6 Approval of Agenda

1.7 Future Meeting Schedule


2019

Pre-mtg 61	TBD November 2019	Teleconference
#60	22-23 August 2019	Seoul, Korea
#59	TBD June 2019	With WG 9 or WG 21
Pre-mtg-59	TBD November 2019	Teleconference
#58	TBD April 2019	With WG 21
Pre-mtg 58	TBD March 2019	Teleconference
#57	21-22 January 2019	Orlando, FL

2018
Pre-mtg 57	01/11/18	Likely with WG 21, Oct 2018
#56	12-14/09/18	Toronto, Ontario, Canada with SC 22
#55	6-7/06/18	With WG 21, Rapperswil, Switzerland?
Pre-mtg-55	14/05/18	Teleconference
#54	26-27 April 2018	Brno Chez Republic with WG 14
#53	14-15 March 2018	With WG 21, Jacksonville, FL, mostly WebEx
#52	22-23 January 2018	Phoenix, AZ	Can we make it 21-22?

2. Document Review

2.1 TR 24772-1 Vulnerabilities, language independent (N0751 or later)

Question from Clive:

What do we think about a vulnerability 'all functions should have a single point of exit)?’

2.2 TR 24772-2 Ada language specific part (if new version available)

2.3 TR 24772-3 C language specific part, Document N0764

Clive has submitted a new version of TR 24772-3 C to take into account WG 14’s comments. We need to agree on an approach.

2.4 TR 24772-4 Python language specific part

See N0762. We have proposed material for the OO vulnerabilities from the Python Typeing experts reflector.

2.5 TR 24772-8 Fortran

2.6 TR 24772-9 C++

N0758 or later document. WG 21/SG 12 has updated 6 vulnerabilities and drafted a liaison statement to guide joint work. We need to seriously consider the liaison statement and critique the new material.

Document ISO/IEC/JTC 1/SC 22/WG 23 N0763

Minutes of Meeting #52 pre-meeting telecon
ISO/IEC JTC 1/SC 22/WG23
20 November 2017

Meeting Location : WebEx

Agenda

1 Opening activities

1.1 Opening Comments

1.2 Introduction of Participants/Roll Call

1.3 Procedures for this Meeting

1.4 Approval of previous Minutes of meeting 51 (N0759)

1.6 Approval of Agenda

1.7 Future Meeting Schedule

2. Document Review

2.1 TR 24772-1 Vulnerabilities, language independent (N0751 or later)

2.2 TR 24772-2 Ada language specific part (if new version available)

2.3 TR 24772-3 C language specific part, Document N0764

2.4 TR 24772-4 Python language specific part

2.5 TR 24772-8 Fortran

2.6 TR 24772-9 C++

2.7 Potential TR24772 Guidance on avoiding Programming Vulnerabilities – IS

3 Other Business

4 Review of Assignment of responsibilities

5 Resolutions and Action Items

6. Adjournment

Document ISO/IEC/JTC 1/SC 22/WG 23 N0763

Minutes of Meeting #52 pre-meeting teleconISO/IEC JTC 1/SC 22/WG2320 November 2017

Meeting Location : WebEx

Agenda

1 Opening activities

1.1 Opening Comments

1.2 Introduction of Participants/Roll Call

1.3 Procedures for this Meeting

1.4 Approval of previous Minutes of meeting 51 (N0759)

1.6 Approval of Agenda

1.7 Future Meeting Schedule

2. Document Review

2.1 TR 24772-1 Vulnerabilities, language independent (N0751 or later)

2.2 TR 24772-2 Ada language specific part (if new version available)

2.3 TR 24772-3 C language specific part, Document N0764

2.4 TR 24772-4 Python language specific part

2.5 TR 24772-8 Fortran

2.6 TR 24772-9 C++

2.7 Potential TR24772 Guidance on avoiding Programming Vulnerabilities – IS

3 Other Business

4 Review of Assignment of responsibilities

5 Resolutions and Action Items

6. Adjournment

Minutes of Meeting #52 pre-meeting telecon
ISO/IEC JTC 1/SC 22/WG23
20 November 2017