16:32 <tyhicks> #startmeeting
16:32 <meetingology> Meeting started Mon Aug 22 16:32:14 2016 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:32 <meetingology> 
16:32 <meetingology> Available commands: action commands idea info link nick
16:32 <tyhicks> hi
16:32 <tyhicks> The meeting agenda can be found at:
16:32 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:32 <tyhicks> [TOPIC] Weekly stand-up report
16:33 <tyhicks> mdeslaur: go ahead (jd strand is in the middle of a conversation in another channel)
16:33 <mdeslaur> I'm on cve triage this week
16:33 <mdeslaur> I am working on libidn updates, if I can get them to build
16:33 <mdeslaur> and I have harfbuzz updates to test
16:34 <mdeslaur> I'll be picking something else off the list and I'm leaving for two weeks vacation on friday
16:34 <mdeslaur> that's it for me
16:34 <mdeslaur> sbeattie: you're up
16:34 <sbeattie> mdeslaur: vacation> woo, nice!
16:34 <mdeslaur> oh, tomorrow I have patch piloting also
16:34 <sbeattie> I'm in the happy place this week
16:35 <sbeattie> I have an embargoed issue I'm working on
16:36 <sbeattie> I have some apparmor upstream work to do (reviews, etc)
16:36 <sbeattie> I need to get back to looking for pie-related build failures
16:36 <sbeattie> I'll also try to pick up an update or two this week
16:37 <sbeattie> that's probably it for me. tyhicks?
16:38 <tyhicks> I'm on community duty this week
16:38 <tyhicks> I'll work towards landing a policy adjustment for the fix for bug #1260103
16:38 <ubottu> bug 1260103 in Canonical System Image "oxide should use an app-specific path for shared memory files" [Medium,In progress] https://launchpad.net/bugs/1260103
16:40 <tyhicks> I need to do some code review around some shim changes
16:40 <tyhicks> then I really need to get some time to focus on the seccomp logging changes
16:40 <tyhicks> and maybe do some reviews tools work for squashfs issues
16:40 * jdstrand can go whenever
16:41 <tyhicks> go ahead jdstrand
16:41 <jdstrand> last week was dominated by PR reviews: docker (getting there), udisks2/pluggable-storage (close to landing), fuse (merged), fwupd (getting there), lxd
16:41 <jdstrand> last week also involved coordinating an investigation and designing how to deal with bug #1611444 for devmode (and a few other things). snappy team assigned to the implementation (which will require review from us)
16:41 <ubottu> bug 1611444 in Snappy Launcher "Cannot share a namespaces created with 'ip netns' between apps in a devmode SNAP" [Critical,In progress] https://launchpad.net/bugs/1611444
16:41 <jdstrand> I was assigned some new high priority items:
16:41 <jdstrand> takeover lxd interface and implement lxd-support based on discussions with snappy team
16:41 <jdstrand> work with desktop team on browser policy
16:41 <jdstrand> discuss availability of commamds in core to snap interfaces
16:41 <jdstrand> network-namespace (TBD) interface for allowing snaps to use other network namespaces
16:41 <jdstrand> A couple of policy bugs came in from high profile stakeholders, so I need to fix those and a handful of other small policy bugs
16:41 <jdstrand> I'll try to be responsive to the aforementioned PR reviews as best I can, but these highest priority items will backburner some things for a little bit
16:42 <jdstrand> the dbus-app PR is getting requests again. I'm not going to move to it til I'm through the higher priority cards though unless told otherwise
16:43 <jdstrand> that's it from me
16:43 <tyhicks> that sounds like the right approach to me, jdstrand
16:43 <tyhicks> jjohansen: go ahead
16:44 <jjohansen> I am going to be spending most of my week on the Linux Security Summit
16:45 <jjohansen> any other time is going to be spent on bug fixing and upstreaming apparmor
16:46 <jjohansen> bug 1579135 in particular
16:46 <ubottu> bug 1579135 in apparmor (Ubuntu) "AppArmor profile reloading causes an intermittent kernel BUG" [Critical,Incomplete] https://launchpad.net/bugs/1579135
16:47 <tyhicks> thanks for working on that
16:47 <tyhicks> chrisccoulson: you're up
16:48 <chrisccoulson> I'm catching up from last week - getting through my email backlog and untangling all of the chromium changes over the last week
16:49 <chrisccoulson> I'll also probably do firefox 48.0.1, as there's a few bug fixes in that
16:50 <chrisccoulson> Other than that, I'll be working through oxide bugs as usual
16:50 <chrisccoulson> I think that's me done
16:50 <ratliff> I'm shadowing sarnold doing Bug Triage this week
16:50 <ratliff> Also continuing to work on unity 8 MIRs
16:50 <ratliff> back to you tyhicks
16:52 <tyhicks> thanks
16:52 <tyhicks> [TOPIC] Highlighted packages
16:52 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
16:52 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:52 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/perdition.html
16:52 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/tripleo-image-elements.html
16:52 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/php-mail.html
16:53 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/shellinabox.html
16:53 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/radare2.html
16:53 <tyhicks> [TOPIC] Miscellaneous and Questions
16:53 <tyhicks> Does anyone have any other questions or items to discuss?
16:53 <tyhicks> jdstrand: I wanted to mention that jasper has already been demoted
16:53 <jdstrand> cool
16:53 <tyhicks> (you had planned to help me with that once it was time)
16:53 <jdstrand> thanks
16:54 <tyhicks> np
16:54 <sbeattie> Oh, I converted the debian2ubuntu bzr tree to git last night, but kees owns the project so I haven't been able to put it in place as the official branch.
16:54 <tyhicks> nice
16:55 <sbeattie> It's at https://code.launchpad.net/~ubuntu-security/debian2ubuntu/+git/debian2ubuntu
16:55 <tyhicks> sbeattie: has the kernel team started using the QRT git tree?
16:55 <sbeattie> yeah, bjf moved over this weekend
16:55 <tyhicks> great
16:56 <sbeattie> he's still wanting the subproject stuff, to get the download sizes down.
16:56 <sbeattie> (can't blame him)
16:56 <tyhicks> agreed
16:56 <sbeattie> I'm hoping to poke at that in the background.
16:56 <tyhicks> I have no experience with submodules so I won't be of any help
16:57 <tyhicks> I'm anxious to see how it works out
16:57 <tyhicks> but do let me know if there are general git questions that I can help with
16:58 <sbeattie> Thanks.
16:58 <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, ChrisCoulson, ratliff: Thanks!
16:58 <tyhicks> #endmeeting