== Meeting information == * #ubuntu-meeting Meeting, 27 Jun at 16:31 — 16:54 UTC * Full logs at [[http://ubottu.com/meetingology/logs/ubuntu-meeting/2016/ubuntu-meeting.2016-06-27-16.31.log.html]] == Meeting summary == ''LINK:'' https://wiki.ubuntu.com/SecurityTeam/Meeting === Weekly stand-up report === The discussion about "Weekly stand-up report" started at 16:31. === Highlighted packages === The discussion about "Highlighted packages" started at 16:51. * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/node-tar.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/libcommons-collections4-java.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/phpldapadmin.html === Miscellaneous and Questions === The discussion about "Miscellaneous and Questions" started at 16:51. * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/libgwenhywfar.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/gcc-snapshot.html == Vote results == == Done items == * (none) == People present (lines said) == * tyhicks (32) * jjohansen (10) * sbeattie (7) * mdeslaur (6) * chrisccoulson (5) * jdstrand (5) * sarnold (4) * ratliff (3) * meetingology (3) == Full Log == 16:31 #startmeeting 16:31 Meeting started Mon Jun 27 16:31:32 2016 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:31 16:31 Available commands: action commands idea info link nick 16:31 The meeting agenda can be found at: 16:31 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:31 [TOPIC] Weekly stand-up report 16:31 jdstrand: you're up 16:32 short week-- I'm off friday and next monday is a national holiday 16:32 focusing on snappy this week: right now: dbus-bind interface, finish up the interfaces documentation changes. will work with morphis on testing/sponsoring pulseaudio SRU for disabling recording if snap policy (ie, finish phase 1) 16:32 then go down the list depending on what is unblocked. there are policy updates, verifying content sharing if it is ready (snapd side landed, snap-confine side pending), implementing seccomp arg filtering rules after it lands in xenial 16:32 that's it from me 16:32 mdeslaur: you're up 16:33 I'm on triage this week 16:33 I have patch piloting to do tomorrow 16:33 and am currently working on tomcat updates 16:33 friday I'm off for a national holiday 16:33 that's about it, sbeattie? 16:33 I'm n the happy place this week 16:34 I'm also on a short week, planning to take this friday off 16:34 I'll have kernel USNs to publish shortly 16:35 I also need to finish sponsoring a kinit update for yofel 16:35 Beyond that, I'll try to to pick up another update or two 16:36 That's probably it for my week. tyhicks? 16:36 sbeattie: do you know where to watch for PIE failures in doko's upcoming yakkety test rebuild? 16:36 IIRC, he should be kicking that off this week 16:37 I'm on community this week 16:37 tyhicks: yeah, I'll watch for that, thanks for the reminder. 16:37 I'm still working on the apparmor yakkety upload and xenial SRU but think I'm finally done with all the changes that need to go into yakkety 16:38 I'll then switch to working on seccomp complain mode 16:38 I also have an embargoed issue 16:38 that's it for me 16:38 jjohansen: you're up 16:39 I have some testing to finish up for my upstream pull request (carry over from last week) 16:39 I need to do some new testing on a revised 4.7 rebase 16:40 (of apparmor) 16:40 jjohansen: what deadline are you looking at for fixes that can go into the 16.04.1 kernel? 16:40 and I need to finish up the ipc cross label validation fix for stacking, and of course testing of it 16:41 tyhicks: I still need to coordinate that with the kt 16:41 I would like to be done my fixes this week 16:41 nice 16:42 well, as long as "would like to be ..." to "can be ..." aren't at odds with each other :) 16:42 I need to revise and test the profile name validation stuff, lxc/lxd are actively using a wider set than we were allowing (ie. the checks should have been in place a long time ago) 16:43 thankfully we can support the broader set with out a problem 16:43 good 16:44 oh and I have a short week, I am off Friday to join mdeslaur in celebrating July 1 16:44 heh 16:44 I think that is it from me, sarnold you are up 16:44 I gotta admit that sounds like a good idea :) 16:44 is it too late for me to also ask for friday off? :) 16:45 I'm on bug triage this week; I expect to finish the livepatch daemon review tomorrow then resume MIRs 16:46 that's it for me, chrisccoulson? 16:46 I've got Chromium to sponsor this week, and I need to publish Oxide 16:47 I spent a fair amount of time last week fixing various build issues and got arm64 builds of Oxide in a PPA (https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/landing-052/+packages) 16:47 Other than that, I hope to finally be able to spend time working through https://blueprints.launchpad.net/oxide/+spec/converged-device-support 16:48 That's me done 16:48 ratliff: you're up :) 16:48 I'm looking into the CVE tracker this week. 16:49 I'll be out on Thursday 16:49 back to you tyhicks 16:50 chrisccoulson: I think you still have a todo to document the flash update process 16:50 tyhicks, oh yes, that as well 16:51 thanks! 16:51 [TOPIC] Highlighted packages 16:51 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:51 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:51 http://people.canonical.com/~ubuntu-security/cve/pkg/node-tar.html 16:51 http://people.canonical.com/~ubuntu-security/cve/pkg/libcommons-collections4-java.html 16:51 http://people.canonical.com/~ubuntu-security/cve/pkg/phpldapadmin.html 16:51 [TOPIC] Miscellaneous and Questions 16:51 http://people.canonical.com/~ubuntu-security/cve/pkg/libgwenhywfar.html 16:51 http://people.canonical.com/~ubuntu-security/cve/pkg/gcc-snapshot.html 16:51 Does anyone have any other questions or items to discuss? 16:54 jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson, ratliff: Thanks! 16:54 #endmeeting Generated by MeetBot 0.1.5 (http://wiki.ubuntu.com/meetingology)