== Meeting information == * #ubuntu-meeting Meeting, 27 Feb at 16:42 — 16:56 UTC * Full logs at [[http://ubottu.com/meetingology/logs/ubuntu-meeting/2017/ubuntu-meeting.2017-02-27-16.42.log.html]] == Meeting summary == ''LINK:'' https://wiki.ubuntu.com/SecurityTeam/Meeting === Announcements === The discussion about "Announcements" started at 16:42. === Weekly stand-up report === The discussion about "Weekly stand-up report" started at 16:42. === Highlighted packages === The discussion about "Highlighted packages" started at 16:54. * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/php-openid.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/sleekxmpp.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/collectd.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/vxl.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/libpdfbox-java.html === Miscellaneous and Questions === The discussion about "Miscellaneous and Questions" started at 16:54. == Vote results == == Done items == * (none) == People present (lines said) == * tyhicks (32) * chrisccoulson (8) * jdstrand (8) * ubottu (5) * mdeslaur (4) * sbeattie (4) * jjohansen (4) * ratliff (3) * meetingology (3) * sarnold (2) == Full Log == 16:42 #startmeeting 16:42 Meeting started Mon Feb 27 16:42:07 2017 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:42 16:42 Available commands: action commands idea info link nick 16:42 The meeting agenda can be found at: 16:42 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:42 [TOPIC] Announcements 16:42 Andreas Cadhalpun provided debdiffs for xenial and yakkety for ffmpeg (LP: #1664402 #1664403) 16:42 Launchpad bug 1664402 in ffmpeg (Ubuntu) "FFmpeg security fixes February 2017 (yakkety)" [Medium,Fix released] https://launchpad.net/bugs/1664402 16:42 Paul Gevers (elbrus) provided debdiffs for trusty and xenial for cacti (LP: #1663891) 16:42 Launchpad bug 1663891 in cacti (Ubuntu Trusty) "Security uploads for cacti (trusty and xenial)" [High,Fix released] https://launchpad.net/bugs/1663891 16:42 Brian Morton (rokclimb15) provided debdiffs for precise-yakkety for libssh2 (LP: #1664812) 16:42 Launchpad bug 1664812 in libssh2 (Ubuntu) "CVE-2016-0787" [Medium,Fix released] https://launchpad.net/bugs/1664812 16:42 Gianfranco Costamagna (LocutusOfBorg) provided debdiffs for trusty-yakkety for tcpdump (LP: #1662177) 16:42 Launchpad bug 1662177 in tcpdump (Ubuntu) "tcpdump multiple CVEs" [Medium,Fix released] https://launchpad.net/bugs/1662177 16:42 Thank you for your assistance in keeping Ubuntu users secure! :) 16:42 [TOPIC] Weekly stand-up report 16:42 jdstrand: you're up 16:42 hi! 16:43 this week I plan to work on: 16:43 various snappy PR reviews (snap-confine, Personal, et al interfaces) and store reviews 16:43 review gsettings patches 16:43 various policy updates for 2.23 16:43 that's it for me 16:43 continue seccomp arg filtering policy 16:43 mdeslaur: you're up 16:44 I'm on community this week 16:44 and I'm about to release tiff updates 16:44 and I'll be going down the list 16:44 that's about it, sbeattie, you're up 16:46 I'm on bug triage this week 16:46 I also have kernel signoffs to do. 16:46 after that, I'll also be focusing on updates 16:47 that's pretty much it for me. tyhicks, you're up 16:47 I'm on cve triage this week 16:48 I need to propose a bit of a design change for the seccomp kernel patches and send out revision 5 of the set 16:48 need to circle back to the apparmor utils patch set to fix something that cboltz requested and then send out revision 2 of the set 16:49 I have a design review to do 16:49 and right now I'm fighting with configuration issues on my new laptop so I need to spend a little time smoothing those out 16:49 that's it for me 16:49 jjohansen: you're up 16:49 I need to revise the gsetting patches based on review feedback, and send out the notification patchset so it can be reviewed 16:49 and I need to get back to upstreaming work, I am hoping to get an RFC out this week so I can do another pull request in a few weeks 16:49 oh and there some bugs, I need to follow up on. 16:51 that is it for me, sarnold 16:51 I'm in the happy place this week; I'm going to release the shadow update, finish the lasso mir, AA patch reviews, and then move down the list of MIRs 16:51 that's it for me, chrisccoulson? 16:52 I plan to get our firefox packages building with rust by the end of the week 16:52 I've also got to start preparing the next update, which is next week 16:52 Before I do that, I need to fix our menubar patch which currently makes it crash thanks to a late change in firefox 16:53 I also need to unbreak ubufox (bug 1648649) 16:53 bug 1648649 in ubufox (Ubuntu) "Ubufox is broken in Firefox Nightly, due to using no-longer-supported "for each" syntax. Error console now shows "SyntaxError: missing ( after for UpdateNotifier.js:217:8"" [High,Triaged] https://launchpad.net/bugs/1648649 16:53 Other than that, I've got 2 large code reviews to do for oxide 16:53 I suspect I might not get much else done this week 16:53 that's me done 16:53 I'm in the happy place this week 16:53 I'm still working on vivid updates for Core and Touch 16:54 back to you, tyhicks 16:54 thanks! 16:54 [TOPIC] Highlighted packages 16:54 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:54 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:54 http://people.canonical.com/~ubuntu-security/cve/pkg/php-openid.html 16:54 http://people.canonical.com/~ubuntu-security/cve/pkg/sleekxmpp.html 16:54 http://people.canonical.com/~ubuntu-security/cve/pkg/collectd.html 16:54 http://people.canonical.com/~ubuntu-security/cve/pkg/vxl.html 16:54 http://people.canonical.com/~ubuntu-security/cve/pkg/libpdfbox-java.html 16:54 [TOPIC] Miscellaneous and Questions 16:54 Does anyone have any other questions or items to discuss? 16:54 oh, I need to sponsor chromium too :) 16:56 ack 16:56 jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson, ratliff: Thanks! 16:56 #endmeeting Generated by MeetBot 0.1.5 (http://wiki.ubuntu.com/meetingology)