16:30 <ratliff> #startmeeting 16:30 <meetingology> Meeting started Mon Oct 31 16:30:57 2016 UTC. The chair is ratliff. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:30 <meetingology> 16:30 <meetingology> Available commands: action commands idea info link nick 16:31 <ratliff> The meeting agenda can be found at: 16:31 <ratliff> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:31 <ratliff> [TOPIC] Announcements 16:31 <ratliff> Nikita Yerenkov-Scott (arthur-dent) provided debdiffs for trusty-xenial for tracker (LP: #1178402) 16:31 <ubottu> Launchpad bug 1178402 in tracker (Ubuntu Xenial) "tracker-extract crashed with signal 5 in g_malloc()" [High,Fix released] https://launchpad.net/bugs/1178402 16:31 <ratliff> Scott Kitterman (ScottK) provided a debdiff for trusty for kdepimlibs (LP: #1631237) 16:31 <ubottu> Launchpad bug 1631237 in kdepimlibs (Ubuntu Trusty) "KMail: HTML injection in plain text viewer" [High,Fix released] https://launchpad.net/bugs/1631237 16:31 <ratliff> Simon Quigley (tsimonq2) provided a debdiff for precise for kdepimlibs (LP: #1630700) 16:31 <ubottu> Launchpad bug 1630700 in kcoreaddons (Ubuntu Xenial) "CVE - KMail - HTML injection in plain text viewer" [High,Confirmed] https://launchpad.net/bugs/1630700 16:32 <ratliff> Nikita Yerenkov-Scott (arthur-dent) provided debdiffs for xenial-yakkety for openjpeg2 (LP: #1630702) 16:32 <ubottu> Launchpad bug 1630702 in openjpeg2 (Ubuntu Yakkety) "Fix for CVE-2016-8332 and CVE-2016-7163" [Medium,Fix released] https://launchpad.net/bugs/1630702 16:32 <ratliff> Andreas Cadhalpun (andreas-cadhalpun) provided a debdiff for xenial for ffmpeg (LP: #1581156) 16:32 <ubottu> Launchpad bug 1581156 in ffmpeg (Ubuntu) "Update to bugfix release 2.8.8 in Xenial" [High,Fix released] https://launchpad.net/bugs/1581156 16:32 <ratliff> Thank you for your assistance in keeping Ubuntu users secure! :) 16:32 <ratliff> [TOPIC] Weekly stand-up report 16:32 <ratliff> mdeslaur: you're up 16:32 <mdeslaur> I'm still in the happy place this week 16:32 <mdeslaur> I have a couple of updates I'm testing 16:32 <mdeslaur> and I'm working on a couple of embargoed issues 16:32 <mdeslaur> that's about it for me 16:32 <mdeslaur> hrm, who's next? 16:33 <ratliff> chrisccoulson ? 16:33 <chrisccoulson> hi :) 16:33 <chrisccoulson> this week, I'll be mostly working on https://blueprints.launchpad.net/oxide/+spec/ubuntu-webview-implementation, which is blocking a bunch of personal-related work we discussed at the sprint 16:34 <chrisccoulson> I need to publish Oxide (it's all tested already). I don't have any other updates planned 16:34 <chrisccoulson> that's me done 16:35 <ratliff> I'll jump in and go next. We have some team members out due to illness, appointments, and vacation. 16:35 <ratliff> I'm on CVE triage this week. 16:36 <ratliff> I'm working on a project to review open CVEs for universe packages. 16:37 <ratliff> for the record, sarnold is on bug triage and tyhicks is on community this week 16:38 <ratliff> jjohansen: do you want to go next? 16:38 <jjohansen> sure 16:40 <jjohansen> I'm trying to finish up some gsettings review and related work, and I have some bugs to look at (and file), there is a memory leak, and lxd related issue with some files being passed into the container. Neither of which have bugs yet 16:40 <jjohansen> oh and I need to upstream the change_hat() fix 16:40 <jjohansen> cboltz really needs that one 16:40 <jjohansen> thats it for me ratliff back to you 16:40 <ratliff> thank you! 16:40 <ratliff> [TOPIC] Highlighted packages 16:41 <ratliff> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:41 <ratliff> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:41 <ratliff> http://people.canonical.com/~ubuntu-security/cve/pkg/pykerberos.html 16:41 <ratliff> http://people.canonical.com/~ubuntu-security/cve/pkg/maven-indexer.html 16:41 <ratliff> http://people.canonical.com/~ubuntu-security/cve/pkg/revelation.html 16:41 <ratliff> http://people.canonical.com/~ubuntu-security/cve/pkg/sanlock.html 16:41 <ratliff> http://people.canonical.com/~ubuntu-security/cve/pkg/lib3ds.html 16:41 <ratliff> [TOPIC] Miscellaneous and Questions 16:41 <ratliff> Does anyone have any other questions or items to discuss? 16:43 <ratliff> mdeslaur, jjohansen, ChrisCoulson: Thanks! 16:43 <ratliff> #endmeeting