== Meeting information == * #ubuntu-meeting Meeting, 04 Jan at 16:39 — 16:55 UTC * Full logs at [[http://ubottu.com/meetingology/logs/ubuntu-meeting/2016/ubuntu-meeting.2016-01-04-16.39.log.html]] == Meeting summary == ''LINK:'' https://wiki.ubuntu.com/SecurityTeam/Meeting === Announcements === The discussion about "Announcements" started at 16:39. === Weekly stand-up report === The discussion about "Weekly stand-up report" started at 16:40. === Highlighted packages === The discussion about "Highlighted packages" started at 16:52. * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/jgit.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/openjpa.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/gcc-h8300-hms.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/gcc-4.8-ppc64el-cross.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/doctrine.html === Miscellaneous and Questions === The discussion about "Miscellaneous and Questions" started at 16:52. == Vote results == == Done items == * (none) == People present (lines said) == * tyhicks (36) * mdeslaur (9) * jjohansen (8) * sarnold (7) * dholbach (3) * chrisccoulson (3) * ubottu (3) * meetingology (3) == Full Log == 16:39 #startmeeting 16:39 Meeting started Mon Jan 4 16:39:32 2016 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:39 16:39 Available commands: action commands idea info link nick 16:39 The meeting agenda can be found at: 16:39 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:39 [TOPIC] Announcements 16:39 Bryan Quigley (gQuigs) provided a debdiff for trusty for cups (LP: #1505328) 16:39 Launchpad bug 1505328 in cups (Ubuntu Trusty) "Cups SSL is vulnerable to POODLE" [High,Fix released] https://launchpad.net/bugs/1505328 16:39 Stefan Bader (smb) provided debdiffs for precise-wily for xen 16:40 Louis Bouchard (caribou) provided debdiffs for trusty-wily for sosreport (LP: #1525271) 16:40 Launchpad bug 1525271 in sosreport (Ubuntu Wily) "CVE-2015-7529 needs to be backported to supported releases" [High,Fix released] https://launchpad.net/bugs/1525271 16:40 Thank you for your assistance in keeping Ubuntu users secure! :) 16:40 [TOPIC] Weekly stand-up report 16:40 mdeslaur: you're up 16:40 \o 16:40 I'm on triage this week 16:41 I'm currently working on the samba updates 16:41 I plan on releasing those probably this week 16:41 and I have some other updates in the security team proposed ppa that need testing 16:41 and I'll see if I can pick something else from the list after that 16:41 that's pretty much it from me, sbeattie? 16:42 I don't think he's in yet so I'll go 16:42 I'm in the community role this week 16:42 I have a lot of email catchup to do from the holidays (as I'm sure we all do) 16:43 ctrl-a, del 16:43 after that, I plan on helping jjohansen with the AppArmor stacking work 16:43 :) 16:44 I'd also like to spend a little bit of time looking at rngd and if it works to seed /dev/random with the hwrng on the beagle bone black 16:44 well right up until you get to that third email ... 16:44 jjohansen: you're up 16:45 I will be looking at (drowning in) the email backlog as well 16:46 besides that it doing AppArmor stacking work 16:46 well and I guess syncing up with sbeattie and the kteam on where the kernel is 16:46 s/kernel/kernel workflow/ 16:47 that is it for me sarnold you are up 16:47 I'm on bug triage this week 16:47 also digging my way out of email 16:48 will continue the dpdk mir this week, aiming to finish it soon 16:48 will help out with apparmor kernel patch review once that's finished 16:48 and learn how to speak in complete sentences next week 16:49 chrisccoulson? 16:49 jjohansen: do we have any pending apparmor kernel patch reviews to be done? 16:49 I've got a thunderbird update to do this week. And it looks like Oxide and Chromium too 16:49 oh forgot to mention. because of my two-week holiday, I completely forgot how debian packaging works. 16:49 I thought I went through all pending patches in the last working week of 2015 16:49 tyhicks: no, I think you covered it all 16:49 sarnold: fyi ^ 16:49 oh hooray :) 16:50 of course since sarnold has so much fun with them ... 16:50 chrisccoulson: sorry, go ahead :) 16:50 Other than that, I'll be working through my e-mail backlog (well, ctrl+a, del) and doing some reviews 16:50 I think that's me done 16:51 chrisccoulson: lots of updates :) 16:52 mdeslaur: impressive that you can remember how debian packaging works across the weekends 16:52 [TOPIC] Highlighted packages 16:52 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:52 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:52 http://people.canonical.com/~ubuntu-security/cve/pkg/jgit.html 16:52 http://people.canonical.com/~ubuntu-security/cve/pkg/openjpa.html 16:52 http://people.canonical.com/~ubuntu-security/cve/pkg/gcc-h8300-hms.html 16:52 http://people.canonical.com/~ubuntu-security/cve/pkg/gcc-4.8-ppc64el-cross.html 16:52 http://people.canonical.com/~ubuntu-security/cve/pkg/doctrine.html 16:52 [TOPIC] Miscellaneous and Questions 16:52 Does anyone have any other questions or items to discuss? 16:53 just because you mentioned highlighted packages... maybe somebody could take a look at bug 1528682? I saw it in the sponsoring queue today 16:53 bug 1528682 in ffmpeg (Ubuntu) "FFmpeg security fixes December 2015 II" [Medium,New] https://launchpad.net/bugs/1528682 16:54 but it's not a real discussion item... :) 16:55 dholbach: thanks - I'll have a look this week as part of the community role rotation that I'm on 16:55 awesome - thanks 16:55 mdeslaur, jjohansen, sarnold, ChrisCoulson: Thanks! 16:55 #endmeeting Generated by MeetBot 0.1.5 (http://wiki.ubuntu.com/meetingology)