16:32 <tyhicks> #startmeeting 16:32 <meetingology> Meeting started Mon Feb 1 16:32:51 2016 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:32 <meetingology> 16:32 <meetingology> Available commands: action commands idea info link nick 16:33 <tyhicks> The meeting agenda can be found at: 16:33 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:33 <tyhicks> [TOPIC] Announcements 16:33 <tyhicks> Gianfranco Costamagna (LocutusOfBorg) provided debdiffs for trusty-wily for virtualbox (LP: #1538115) 16:33 <ubottu> Launchpad bug 1538115 in virtualbox (Ubuntu) "virtualbox SRU for CVEs" [Medium,Fix released] https://launchpad.net/bugs/1538115 16:33 <tyhicks> Otto Kekäläinen provided debdiffs for mariadb-5.5 (trusty, LP: #1524704) and mariadb-10.0 (vivid, wily, LP: #1538315) 16:33 <ubottu> Launchpad bug 1524704 in mariadb-5.5 (Ubuntu Trusty) "New upstream microrelease available: 5.5.47" [Medium,Fix released] https://launchpad.net/bugs/1524704 16:33 <ubottu> Launchpad bug 1538315 in mariadb-10.0 (Ubuntu Wily) "USN-2881-1: MySQL vulnerabilities also apply to MariaDB" [Medium,Fix released] https://launchpad.net/bugs/1538315 16:33 <tyhicks> Thank you for your assistance in keeping Ubuntu users secure! :) 16:33 <tyhicks> [TOPIC] Weekly stand-up report 16:33 <tyhicks> jdstrand: you're up 16:35 <jdstrand> hey 16:36 <jdstrand> so, this week I am focusing on snappy. in particular the review tools 16:36 <jdstrand> I will be working on cleanups, new snap.yaml format and squashfs verification 16:36 <jdstrand> I think that is it for me 16:36 <jdstrand> mdeslaur: you're up 16:36 <mdeslaur> I'm on triage this week 16:37 <mdeslaur> and I plan on working on qemu updates 16:37 <jdstrand> oh, I'll also respond to the skills threads as needed 16:37 <mdeslaur> I may have time to pick something else off the list 16:37 <mdeslaur> that's about it, sbeattie 16:37 <sbeattie> I'm in the happy place this week 16:37 <sbeattie> I have openjdk updates that I'm finishing up 16:38 <sbeattie> I need to finish writing up my gcc -pie email about the test rebuild 16:38 <sbeattie> I also have some apparmor items to get through this week 16:38 <sbeattie> That will probably consume most of my week, along with the usual kernel cve handling. 16:38 <sbeattie> tyhicks: you're up. 16:39 <tyhicks> I'm in the community role this week 16:39 <tyhicks> I will again focus on AppArmor stacking 16:39 <tyhicks> I'm working on adding the ability to handle stacking rules in apparmor_parser 16:40 <tyhicks> I'll also be working on cleaning up a large patch set of AppArmor kernel fixes from jj to land in Xenial and SRU to stable releases 16:41 <tyhicks> if I have time, there are a few code review requests that would be nice to tend to 16:41 <tyhicks> that's it for me 16:41 <tyhicks> jjohansen: you're up 16:42 <tyhicks> I don't see him around atm 16:42 <tyhicks> sarnold_: go ahead 16:43 <sarnold> bah 16:44 <sarnold> I'm on bug triage this week; I ought to finish the dpdk MIR today or tomorrow (depending upon how buggy the weekend was :) and then move on to the backlog of review requests; if there's more apparmor stacking discussion, maybe throw in my two cents occasionally 16:44 <sarnold> that should do it for me, chrisccoulson? 16:44 <chrisccoulson> I don't have any updates planned this week (yay), although I'm still expecting a thunderbird update at some point 16:45 <chrisccoulson> So I'll be focusing on finishing bug 1459830 and investigating some issues with playcanvas 16:45 <ubottu> bug 1459830 in Oxide "Support drag and drop" [Medium,In progress] https://launchpad.net/bugs/1459830 16:46 <chrisccoulson> Oh, the "no updates planned" bit isn't technically true - I'll be updating Firefox this week to fix a regression in the current version 16:46 <chrisccoulson> I think that's me done 16:46 <tyhicks> bummer 16:46 <tyhicks> would have been nice to make it through the week without an update :) 16:46 <chrisccoulson> heh 16:47 <tyhicks> [TOPIC] Highlighted packages 16:47 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:47 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:47 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/owncloud-client.html 16:47 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/node.html 16:47 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/tripleo-heat-templates.html 16:47 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/geary.html 16:47 <tyhicks> [TOPIC] Miscellaneous and Questions 16:47 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/puppet-module-puppetlabs-stdlib.html 16:47 <tyhicks> Does anyone have any other questions or items to discuss? 16:49 <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson: Thanks! 16:49 <tyhicks> #endmeeting