== Meeting information == * #ubuntu-meeting Meeting, 24 Sep at 16:31 — 16:50 UTC * Full logs at [[http://ubottu.com/meetingology/logs/ubuntu-meeting/2018/ubuntu-meeting.2018-09-24-16.31.log.html]] == Meeting summary == ''LINK:'' https://wiki.ubuntu.com/SecurityTeam/Meeting === Announcements === The discussion about "Announcements" started at 16:31. === Weekly stand-up report === The discussion about "Weekly stand-up report" started at 16:32. === Highlighted packages === The discussion about "Highlighted packages" started at 16:48. === Miscellaneous and Questions === The discussion about "Miscellaneous and Questions" started at 16:48. == Vote results == == Done items == * (none) == People present (lines said) == * jdstrand (42) * ebarretto (9) * sbeattie (7) * chrisccoulson (6) * msalvatore (4) * meetingology (3) * jjohansen (3) == Full Log == 16:31 #startmeeting 16:31 The meeting agenda can be found at: 16:31 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:31 Meeting started Mon Sep 24 16:31:46 2018 UTC. The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:31 16:31 Available commands: action commands idea info link nick 16:31 [TOPIC] Announcements 16:31 The generalist role rotation for this week as follows: 16:31 CVE Triage: sarnold, Bug Triage: sbeattie, Community: amurray, Happy Place: mdeslaur, leosilva, ebarretto, msalvatore 16:32 The Ubuntu Security Team is hiring! Please see: Ubuntu Security engineer: https://boards.greenhouse.io/canonical/jobs/1158266?t=8c0a6c1f1 16:32 [TOPIC] Weekly stand-up report 16:32 I'll go first 16:32 This week I plan to work on: 16:32 * continue brand store snap declarations 16:32 * continue kubernetes-support interfaces 16:32 * various snapd PR reviews 16:32 * iterate on docker PRs 16:33 that's it from me. mdes laur is off today. sbeattie, you're up 16:33 I'm on bug triage this week 16:33 I have an imagemagick update to finish up 16:34 I have some kernel signoffs to complete and the usual kernel cve triage to handle 16:34 I also have an embargoed issue on my plate 16:34 I also have some apparmor tasks to look at. 16:35 That'll more than likely consume my week. 16:35 jjohansen: over to you. 16:37 let's come back to jjohansen 16:37 sarnold: go ahead 16:37 oops sorry 16:37 jdstrand, sarnold is out today 16:38 oh, I forgot 16:38 CheGuevara978: go ahead 16:39 meh 16:39 CheGuevara978: nm 16:39 chrisccoulson: go ahead 16:39 heh 16:39 I'm expecting a firefox update from the desktop team this week to test and publish 16:39 I'm also working on the woff2 MIR 16:40 those shouldn't take up my whole week, so I'll be available to take on some other stuff too 16:40 that's me done 16:40 chrisccoulson: can you pick the next item off the reviews lane? 16:41 leosilva: go ahead 16:41 jdstrand, sure 16:41 chrisccoulson: thanks! 16:41 jdstrand, leosilva is also out this week 16:42 jeez 16:42 ebarretto: perhaps I should have run this by you :) 16:42 ebarretto: thanks 16:42 msalvatore: go ahead 16:42 I'm in the happy place this week. 16:43 I'm planning on focusing on CVE fixes all week unless something else comes up. 16:43 That's it for me. 16:44 msalvatore: did you have particular fixes in mind? 16:44 msalvatore: in terms of source packages? 16:45 jdstrand: I'm working through a lot of re-triage ATM. I'm pushing out a fix for sleuthkit today. After that, I may tackle some nodejs issues. 16:45 cool, thanks 16:45 ebarretto: you're up 16:45 ebarretto: you're not going to tell me you are off today are you? 16:45 jdstrand, nope heeheh 16:46 I'm in the happy place this week: 16:46 - I am working on updating opencv for bionic and devel, just finishing tests 16:46 - I am also working on updating hdf5 for bionic and devel, also finishing tests 16:46 - I will also work on libav for trusty (this might take some time based on the number of CVEs for this package) 16:46 - continue retriaging CVEs 16:46 that's it for me 16:46 jjohansen: go ahead 16:46 I am working on apparmor items for the 4.20 pull request: mjg secmark patch, kernel_t label for kernel network tasks, and the nonewprivs work. In addition I am work on LSM stacking patches 16:47 that is it for me and will take me well beyond this week :( 16:48 [TOPIC] Highlighted packages 16:48 The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. See http://people.canonical.com/~ubuntu-security/d2u/ for available merges and https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details on preparing Ubuntu security 16:48 updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:48 [TOPIC] Miscellaneous and Questions 16:48 Does anyone have any other questions or items to discuss? 16:49 sbeattie, jjohansen, chrisccoulson, msalvatore, ebarretto: thanks! 16:50 #endmeeting Generated by MeetBot 0.1.5 (http://wiki.ubuntu.com/meetingology)