16:41 <tyhicks> #startmeeting 16:41 <meetingology> Meeting started Mon Nov 14 16:41:13 2016 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:41 <meetingology> 16:41 <meetingology> Available commands: action commands idea info link nick 16:41 <jdstrand> hello 16:41 <tyhicks> The meeting agenda can be found at: 16:41 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:41 <tyhicks> [TOPIC] Weekly stand-up report 16:41 <tyhicks> jdstrand: you're up 16:41 <jdstrand> this week: 16:41 <jdstrand> finalize various snappy interface PR reviews (I'm waiting on feedback) 16:41 <jdstrand> address feedback in 32bit binaries on 64bit snap-confine PR 16:41 <jdstrand> various snappy policy updates 16:41 <jdstrand> pick up dbus-app PR now that the snappy team is back 16:42 <jdstrand> start poking at network-namespace interface 16:42 <jdstrand> if have time, start implementing seccomp arg filtering policy that uses the arg filtering feature we implemented a long time ago 16:42 <jdstrand> that's it from me 16:43 <mdeslaur> looks like sbeattie isn't here, so I'll go next 16:43 <mdeslaur> I'm on bug triage this week 16:43 <tyhicks> you're always second :) 16:43 <mdeslaur> oh, hrm, right 16:43 <mdeslaur> off-by-one 16:43 <mdeslaur> I'm on bug triage this week 16:43 <mdeslaur> and I'm still working on ImageMagick 16:44 <mdeslaur> and I'm off on friday 16:44 <mdeslaur> and...that's all folks 16:44 <mdeslaur> err...who's after sbeattie? 16:44 <tyhicks> looks like sbeattie isn't here, so I'll go next 16:44 <mdeslaur> hehehe 16:44 <tyhicks> I'm in the happy place this week 16:45 <tyhicks> I've got some SRU team followup to do on the apparmor 14.04 SRU 16:45 <tyhicks> there's an eCryptfs issue that I need to at least look into 16:45 <tyhicks> and hopefully I can get a start on seccomp logging changes for snappy 16:46 <tyhicks> that's it for me 16:46 <tyhicks> jjohansen: go ahead 16:46 <tyhicks> oh, I had one more thing for snaps on 14.04 16:46 <tyhicks> I need to backport dbus unrequested reply protections to 14.04's dbus 16:47 <tyhicks> that's really it for me this time 16:47 <jjohansen> 'm working on bugs, 16:47 <jjohansen> I have the unix domain socket cross ns issue to do more testing on, 16:47 <jjohansen> the noisy logging of apparmor/.null files, 16:47 <jjohansen> several memory leaks due to reference counting, 16:47 <jjohansen> hopefully I'll have more info on 100026726 16:47 <jjohansen> and I also have ADT test failures to look into more 16:49 <jjohansen> and if I get time, upstreaming work 16:49 <jjohansen> thats it for me 16:49 <jjohansen> sarnold: you're up 16:50 <sarnold> I'm in the happy place this week 16:50 <sarnold> and finally things feel back to normal after travels, so I'll probably return to the backlog of MIRs 16:51 <sarnold> that ought to be enough to keep me busy until the next release or sprint, so that's it for me :) 16:51 <sarnold> chrisccoulson? 16:51 <tyhicks> good idea before the next wave come in 16:51 <chrisccoulson> I've got a firefox update this week, and I also need to do a new oxide release 16:51 <chrisccoulson> I'll hopefully be carrying on with https://blueprints.launchpad.net/oxide/+spec/ubuntu-webview-implementation, although I'm currently bogged down with investigating a crash at the moment 16:52 <chrisccoulson> I think that's pretty much me done 16:52 <tyhicks> thanks chrisccoulson 16:52 <tyhicks> sbeattie: go ahead 16:52 <sbeattie> I'm on cve triage this week 16:52 <sbeattie> I have openjdk-7 updates to test from tdaitx, and I need to finish up the python updates I was working on 16:53 <sbeattie> I have kernel signoffs to do, and some tooling work to do around the kernel update process as well 16:53 <sbeattie> I need to get back to apparmor stuff, too 16:53 <sbeattie> that's probably more than enough for this week 16:53 <sbeattie> tyhicks: back to you 16:54 <tyhicks> thanks 16:54 <tyhicks> [TOPIC] Highlighted packages 16:54 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:54 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:54 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/node-ws.html 16:54 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/tomboy.html 16:54 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/wss4j.html 16:54 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/jquery-jplayer.html 16:54 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/flatnuke.html 16:54 <tyhicks> [TOPIC] Miscellaneous and Questions 16:54 <tyhicks> Does anyone have any other questions or items to discuss? 16:56 <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson: Thanks! 16:56 <tyhicks> #endmeeting