16:40 <tyhicks> #startmeeting 16:40 <meetingology> Meeting started Mon Jun 29 16:40:41 2015 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:40 <meetingology> 16:40 <meetingology> Available commands: action commands idea info link nick 16:40 <tyhicks> The meeting agenda can be found at: 16:40 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:41 <tyhicks> [TOPIC] Announcements 16:41 <tyhicks> Thanks to Thomas Ward (teward) for help on security updates (14.04 and 14.10) for the community supported putty (LP: #1467631) last week. Your work is very much appreciated and will keep Ubuntu users secure. Great job! :) 16:41 <ubottu> Launchpad bug 1467631 in putty (Ubuntu Precise) "CVE-2015-2157 - SSH2 Private Keys Not Properly Wiped from Memory" [Low,Confirmed] https://launchpad.net/bugs/1467631 16:41 <tyhicks> [TOPIC] Weekly stand-up report 16:41 <tyhicks> mdeslaur: you're up 16:41 <mdeslaur> I'm about to publish an embargoed issue in a half hour 16:41 <mdeslaur> and I'm currently working on php5 updates 16:41 <mdeslaur> I have a ca-certificates issue to look into 16:42 <mdeslaur> and this week is a short week because of a national holiday on wednesday 16:42 <mdeslaur> that's it for me this week 16:42 <mdeslaur> sbeattie, you're up 16:43 <sbeattie> I'm on community this week 16:43 <sbeattie> I'm poking again at gcc-pie 16:44 <sbeattie> and I've got more apparmor patches to review. 16:44 <sbeattie> that's pretty much my week 16:44 <sbeattie> tyhicks: all yours 16:44 <tyhicks> I've got an embargoed issue 16:45 <tyhicks> oh, I'm on bug triage this week 16:45 <tyhicks> I have some work tracking improvements to do for better integration with the ubuntu-cve-tracker 16:45 <tyhicks> and I hope to get back to AppArmor userspace support for kernel keyring mediation 16:45 <tyhicks> that's it for me 16:45 <tyhicks> sarnold: you're up 16:47 <sarnold> oh man you guys went quickly :) 16:47 <sarnold> I'm on CVE triage this week 16:48 <sarnold> I'm also working on the ppc64-diag follow-on MIR audits 16:48 <sarnold> I might also handle a few smaller apparmor patch reviews 16:48 <sarnold> I think that's it for me, chrisccoulson? 16:49 <chrisccoulson> I've got Mozilla updates this week. I also need to get Oxide 1.7.9 published, and I'm expecting Chromium too 16:49 <chrisccoulson> I've got to do some work to make the Firefox packaging buildable again as well 16:50 <chrisccoulson> Other than that, I'll be working through Oxide bugs. I'm currently working on bug 1410753, which I have an initial working implementation of (https://code.launchpad.net/~chrisccoulson/oxide/new-user-agent-override-api) 16:50 <ubottu> bug 1410753 in Oxide "Implement a new API for overriding the user agent string" [Medium,In progress] https://launchpad.net/bugs/1410753 16:50 <chrisccoulson> That's me done 16:50 <tyhicks> thanks! 16:51 <tyhicks> [TOPIC] Highlighted packages 16:51 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:51 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:51 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/krb5-appl.html 16:51 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/flightgear.html 16:51 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/ruby-rack1.4.html 16:51 <tyhicks> [TOPIC] Miscellaneous and Questions 16:51 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/mosh.html 16:51 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/linkchecker.html 16:51 <tyhicks> Does anyone have any other questions or items to discuss? 16:51 <teward> o/ tyhicks: Thanks for the acknowledgement of my putty patches! Glad to help out, especially since I know quite a few people who use PuTTY on Ubuntu, and this keeps them secure too! :) 16:51 <teward> (that's all :) ) 16:51 <tyhicks> thanks again, teward :) 16:51 <teward> you're welcome! 16:52 <tyhicks> mdeslaur, sbeattie, sarnold, ChrisCoulson: Thanks! 16:52 <tyhicks> #endmeeting