# osquery office hours 2022-10-24
YouTube Link: https://www.youtube.com/watch?v=CUwtl3-GNUY
## Announcements and Highlights since the last meeting
## Any Questions / Issues / PRs people want to discuss?
The intent of this section is to provide a clear time for community members to bring up _anything_.
Broad questions? Bugs? Deployment questions? Blocked PRs?
## Agenda down here
5.6.0 was cut 2 weeks ago. Still a draft. Anyone test?
5.7.0 targetting December 1
## Keychain API
seph is starting to make some test cases, but hasn't gotten far yet.
Sharvil was making some test cases, hasn't replicated it
## Ventura Release
Kolide hasn't seen anything.
Fleet is seeing something weird abnout the endpoint permissions stuff. It's a bit garbled. But it sounds like:
* There's a new TCC permission for the endpoint security stuff
* It's prompted as part of the FDA flow
* If an app already has FDA permissions, it won't be prompted
* So there's a weird case for apps that had FDA permissions, won't get ES permission until it's removed and re-added.
* But this report only comed from one user, so it's all a bit unclear
Notes on [#7773](https://github.com/osquery/osquery/pull/7773):
* Fixed ARM64 support (thanks Artemist!)
* The cgroup_parts seems to work well to extract container IDs and backend type. However, in order to correctly support nested containers we should capture the full path (being worked on)
* Could use some more testing!
## Updating the osquery.io sponsors
Discussion about updating the website to include Fleet in the osquery.io sponsors list
[Link to Slack](https://osquery.slack.com/archives/C08VA3XQU/p1665681387352269)
## CVE Tracker
Discussion about using the github issues as a database for state. Doing this would require some stuff to make a snapshot of the state-on-release.
VS using the seperate file, which requires we remember to update the special file.
There's a surprisingly large ball of wax around detecting the state in PRs. Permissions around the NVD API key, as well as what the jobs can do.
## Look At Open CVS / Security Tickets
[List of Issues tagged with Security](https://github.com/osquery/osquery/issues?q=is%3Aopen+is%3Aissue+label%3Asecurity)
New sqlite CVE (From Trail of Bits) -- we're probably not effected.
We reviewed the existing tickets, and none are things we're effected by. And we're excited for https://github.com/osquery/osquery/pull/7787 and the automation
## Look at old PRs
_(If there's time, we've been trying to re-visit old PRs)_
[Reverse Sorted List of PRs](https://github.com/osquery/osquery/pulls?q=is%3Apr+is%3Aopen+sort%3Acreated-asc)