16:35 #startmeeting 16:35 Meeting started Mon Sep 19 16:35:35 2016 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:35 16:35 Available commands: action commands idea info link nick 16:35 The meeting agenda can be found at: 16:35 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:35 [TOPIC] Weekly stand-up report 16:35 jdstrand: you're up 16:36 hi! 16:36 last week worked on the docker interface, updated snappy-debug for new policy/bug fixes, various snappy policy updates, browser-support feedback/improvements, fine-grained autoconnects in snapd, picked up dbus-app discussion, and provided lots of reviews/help/etc to namespace sharing in snap-confine 16:36 this week plan to finish up the namespace sharing card 16:36 finish the docker interface 16:36 respond to feedback on dbus-app interface 16:36 investigate CLONE_NEWUSER issue (I think it is fixed with latest snap-confine, need to fully confirm) 16:37 a few policy updates 16:37 work on snap declarations (PR reviews, review tools updates, etc) 16:37 investigate what network-namespace interface might look like 16:37 that's it from me 16:38 I'm in the happy place this week 16:38 tomorrow, I'm on patch piloting 16:38 I am currently release tomcat updates 16:38 and have started working on clamav updates 16:38 that's pretty much what I'll be doing this week 16:38 sbeattie: you're up 16:38 I'm also in the happy place this week 16:39 I'm finishing up sponsoring an update left over from last week (mariadb) 16:39 ah, two happy place weeks in a row :) 16:39 I have kernel USNs to publish since they went out this morning 16:39 I have some apparmor patches to review 16:40 I'll probably try to pick up an additional update as well 16:40 tyhicks: yeah! It's like paradise! :) 16:40 that'll likely consume my week. tyhicks, over to you 16:41 I'm on community this week 16:41 now that the kernels have published, I need to go verify an apparmor userspace SRU 16:42 jdstrand: ^ fyi, that'll also feed into your SRU 16:42 jdstrand: so watch for that this week 16:42 I think I'm through all my pending snap-confine reviews 16:43 I'm still testing xenial's apparmor in trusty for an SRU 16:43 and I'm finally working on seccomp logging again 16:43 in fact, I probably need to make a band-aid fix to the 4.8 kernel around seccomp logging this week 16:44 that's it for me 16:44 jjohansen: you're up 16:44 I'm still working on 4.8 an lxc/d stacking 16:45 we landed a mostly working 4.8 for the kt on the weekend, but it has at least one odd known regression in the test suite to track down 16:46 and not the full set of patches to support lxc/d landed with it as they were exhibiting more bugs 16:46 jjohansen: what test is failing? 16:46 so, I'll be tracking those down this week and they will go in after the beta kernel 16:47 tyhicks: the exec_stack tests 16:47 however they weren't failing in the kernel 16:47 it is userspace segfaulting 16:48 I can't say however its not the kernels fault yet 16:48 jjohansen: let me know if I need to help you straighten that out 16:48 tyhicks: ack 16:48 jjohansen: I could take the userspace portion over and let you sort out the other issue(s) 16:48 tyhicks: maybe, we can discuss off line 16:48 * tyhicks nods 16:48 err, after the meeting 16:49 sounds like a full week 16:49 sarnold: you're up 16:49 I'm on bug triage this week 16:50 also burning down the list of MIRs, which I understand need some juggling 16:50 wds is underway, I should be able to finish it by eod 16:50 great 16:50 there's also outstanding apparmor patches I'd love to review, but .. time. 16:50 anyway that's me, chrisccoulson? 16:52 chrisccoulson may still be out since he had to step away 16:53 I'll go ahead and he can jump in anytime if he is around 16:53 I'm on CVE triage this week. 16:53 I'm back now :) 16:53 hi chrisccoulson :) 16:53 I'll let you finish 16:53 go ahead chrisccoulson 16:53 oh, ok :) 16:53 I've got a Firefox update to do this week, plus a small Oxide update 16:54 I'll likely be spending a little bit of time on Firefox again (related to menubar / snappy) 16:55 still have any oxide documentation work remaining? 16:55 I landed a bunch of documentation last week in Oxide (http://people.canonical.com/~chrisccoulson/oxide-documentation/overview.html). I'm looking forward to doing stuff this week that doesn't involve writing documentation 16:55 heh 16:55 I filed a bunch of bugs last week whilst writing documentation, and I imagine I'll spend some time this week fixing those 16:55 That's me done 16:56 I will also be looking into the pillow update 16:56 Spending quality time on the Unity 8 MIR Trello board 16:56 And doing further sprint planning 16:56 back to you tyhicks 16:57 thanks 16:57 [TOPIC] Highlighted packages 16:57 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:57 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:57 http://people.canonical.com/~ubuntu-security/cve/pkg/musl.html 16:57 http://people.canonical.com/~ubuntu-security/cve/pkg/gridengine.html 16:57 http://people.canonical.com/~ubuntu-security/cve/pkg/php-cas.html 16:57 http://people.canonical.com/~ubuntu-security/cve/pkg/gitlab.html 16:57 http://people.canonical.com/~ubuntu-security/cve/pkg/pdns.html 16:57 [TOPIC] Miscellaneous and Questions 16:58 Does anyone have any other questions or items to discuss? 16:59 jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson, ratliff: Thanks! 16:59 #endmeeting