16:36 <tyhicks> #startmeeting 16:36 <meetingology> Meeting started Mon Feb 22 16:36:18 2016 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:36 <meetingology> 16:36 <meetingology> Available commands: action commands idea info link nick 16:36 <tyhicks> The meeting agenda can be found at: 16:36 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:36 <tyhicks> [TOPIC] Announcements 16:36 <tyhicks> Gianfranco Costamagna (locutusofborg) provided debdiffs for precise-wily for virtualbox-guest-additions-iso and a debdiff for wily for virtualbox-ext-pack (LP: #1540243) 16:36 <ubottu> Launchpad bug 1540243 in virtualbox-guest-additions-iso (Ubuntu Xenial) "SRU virtualbox-ext-pack, virtualbox-guest-additions-iso to match virtualbox versions" [Low,Fix released] https://launchpad.net/bugs/1540243 16:36 <tyhicks> Vlad Orlov (monsta) provided debdiffs for precise-xenial for gtk+2.0 (LP: #1540811) 16:36 <ubottu> Launchpad bug 1540811 in gtk+2.0 (Debian) "[GDK] patch - avoid integer overflow when allocating a large block of memory" [Unknown,Confirmed] https://launchpad.net/bugs/1540811 16:36 <tyhicks> Thank you for your assistance in keeping Ubuntu users secure! :) 16:36 <tyhicks> [TOPIC] Weekly stand-up report 16:36 <tyhicks> jdstrand: you're up 16:37 <jdstrand> hey 16:37 <jdstrand> last week I made come good progress on the review tools and squashfs. I'm hoping to finish that up that week, then move on to snappy skills 16:37 <jdstrand> I also have an embargoed issue I need to get to 16:38 <jdstrand> mdeslaur: you're up 16:38 <mdeslaur> I'm testing a cpio update, after that I want to test the new ca-certificates and related package updates in the proposed ppa for releasing this week 16:38 <mdeslaur> after that, I might start backporting the newer sudo to stable releases to finally fix the time issue 16:38 <mdeslaur> that's it from me 16:38 <mdeslaur> sbeattie: you're it 16:39 <sbeattie> I'm on community this week 16:39 <sbeattie> kernel updates are happening today, I think, and I have an embargoed issue 16:40 <sbeattie> I need to finish my thoughts on the pie stuff 16:40 <sbeattie> I also have some apparmor tasks to osrt out. 16:40 <sbeattie> That's probably it for my week 16:40 <sbeattie> tyhicks: you're up 16:42 <tyhicks> I'm on bug triage this week 16:42 <tyhicks> my focus will be on finishing the AppArmor stacking changes needed for the parser 16:42 <tyhicks> I'll also fix the eCryptfs parallel copy file corruption bug (LP: #1543633) 16:42 <ubottu> Launchpad bug 1543633 in eCryptfs "Data corruption during parallel file copying with interruptions" [High,Confirmed] https://launchpad.net/bugs/1543633 16:42 <tyhicks> that's it for me 16:42 <tyhicks> jjohansen: you're up 16:43 <tyhicks> oh, I don't think he's around yet 16:43 <tyhicks> sarnold: go ahead 16:44 <sarnold> I'm on cve triage this week 16:45 <sarnold> I'm working on the zfs MIR, will probably finish that today if the cve triage isn't too deep 16:45 <sarnold> I think the next MIR up is fwupd, not sure what's after that but I seem to recall a pretty deep queue 16:46 <sarnold> oh yeah, someone wnated me to skim the new fwupdate code, that ought to be quick 16:46 <sarnold> I'll try to get to an apparmor patch or two along the way 16:46 <sarnold> that's it for me, chrisccoulson? 16:46 <chrisccoulson> I've got Oxide and Thunderbird updates to get out this week 16:48 <chrisccoulson> I'll also be spending some time working through convergence-related tasks. I put together a list of bugs last week (https://blueprints.launchpad.net/oxide/+spec/converged-device-support) 16:48 <chrisccoulson> Other than that, I've got some embargoed stuff 16:49 <chrisccoulson> That's me done 16:50 <tyhicks> thanks! 16:51 <tyhicks> [TOPIC] Highlighted packages 16:51 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:51 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:51 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/python-rsa.html 16:51 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/castor.html 16:51 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/xorg-server-lts-utopic.html 16:51 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/libapache-poi-java.html 16:51 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/fso-usaged.html 16:51 <tyhicks> [TOPIC] Miscellaneous and Questions 16:51 <tyhicks> Does anyone have any other questions or items to discuss? 16:52 <sarnold> "Pure Python RSA implementation" .. yikes 16:54 <tyhicks> :) 16:54 <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson: Thanks! 16:54 <tyhicks> #endmeeting