16:30 <ratliff> #startmeeting 16:30 <meetingology> Meeting started Mon Jan 9 16:30:24 2017 UTC. The chair is ratliff. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:30 <meetingology> 16:30 <meetingology> Available commands: action commands idea info link nick 16:30 <jdstrand> hi! 16:30 <ratliff> The meeting agenda can be found at: 16:30 <ratliff> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:30 <ratliff> [TOPIC] Announcements 16:30 <ratliff> Andreas Cadhalpun provided debdiffs for xenial and yakkety for ffmpeg (LP: #1648265 LP: #1647226) 16:30 <ubottu> Launchpad bug 1648265 in ffmpeg (Ubuntu Yakkety) "FFmpeg security fixes December 2016 (yakkety)" [Medium,Fix released] https://launchpad.net/bugs/1648265 16:30 <ubottu> Launchpad bug 1647226 in ffmpeg (Ubuntu Xenial) "FFmpeg security fixes December 2016 (xenial)" [Low,Fix released] https://launchpad.net/bugs/1647226 16:30 <ratliff> Thank you for your assistance in keeping Ubuntu users secure! :) 16:31 <ratliff> [TOPIC] Weekly stand-up report 16:31 <ratliff> mdeslaur: you're up! 16:33 <ratliff> jdstrand: you may want to go ahead and we'll catch up with mdeslaur later 16:33 <jdstrand> last week: 16:33 <jdstrand> various review tools updates to support new yaml and snap declarations 16:33 <jdstrand> investigate/fix/upload SRU/verify seccomp changes in support of snapd on 14.04 16:33 <jdstrand> this week: 16:33 <jdstrand> make sure ufw 0.35-3 gets into Debian and zesty (to fix a ftbfs due to an updated netbase which broke the testsuite). trunk is fixed and packages prepared/tested, just need to make sure they get everywhere 16:33 <jdstrand> plan to continue to help Tyler and Emily with sprint preparation, feedback and outcomes as necessary 16:33 <jdstrand> have several PR reviews and followups for snapd 2.21 16:33 <jdstrand> organize snapd/policykit documents for future discussions 16:33 <jdstrand> I have a number of policy updates I'd like to have in place this week in time for snapd 2.21 16:33 <jdstrand> work on seccomp arg filtering policy in earnest 16:33 <jdstrand> mdeslaur: you're up :) 16:33 <jdstrand> I guess sbeattie would be next 16:34 <sbeattie> I'm in the happy place this week 16:34 <sbeattie> I need to finish the ssh updates I was working on 16:34 <sbeattie> I also need to look in more depth at the aslr/relocatable symbols stuff that came up 16:35 <sbeattie> I have a few kernel signoffs to do due to respins 16:35 <sbeattie> And I'll try to pick up another update as well 16:35 <sbeattie> that's it for me. 16:36 <sbeattie> ratliff: back to you? 16:36 <ratliff> thanks sbeattie! 16:36 <ratliff> sarnold: you are up 16:37 <sarnold_> I'm on community this week 16:38 <sarnold> I can't recall where I left off with MIRs, but there'll be enough email catchup that it might be acedemic anyway :) 16:39 <sarnold> yeah, that's all I can think of. heh. vacation for the win :) 16:39 <ratliff> :-) welcome back! 16:39 <ratliff> I'm on bug triage this week 16:39 <sarnold> is chrisccoulson back? 16:39 <ratliff> yes 16:39 <chrisccoulson> I'm here 16:40 <ratliff> go ahead chrisccoulson 16:40 <chrisccoulson> oh, sorry, I was a bit unprepared :) 16:40 <chrisccoulson> 1 second 16:40 <chrisccoulson> This week, I need to get thunderbird up-to-date. I've also got an embargoed update to do 16:41 <chrisccoulson> The various Firefox PPAs are in a bit of a state too (not building). I plan to fix that as well 16:41 <chrisccoulson> I need to spend some time backporting gcc 4.9 to trusty, and also trying to get firefox building without --disable-rust 16:41 <chrisccoulson> Other than that, I'll be working on https://blueprints.launchpad.net/oxide/+spec/ubuntu-webview-implementation 16:42 <chrisccoulson> That's me done 16:42 <ratliff> thanks, chrisccoulson! sorry for trying to jump ahead of you :-/ 16:42 <ratliff> I'm on bug triage this week. 16:43 <ratliff> I'm going to continue looking at UCT to generate notifications for the Cloud Archive and modernize the look 16:44 <ratliff> Also have a variety of internal tasks on my agenda. 16:44 <ratliff> ty hicks is sprinting this week 16:44 <ratliff> jj ohansen released AppArmor 2.11 16:45 <ratliff> anything else for the weekly standup? 16:46 <ratliff> [TOPIC] Highlighted packages 16:46 <ratliff> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:46 <ratliff> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:47 <ratliff> http://people.canonical.com/~ubuntu-security/cve/pkg/darktable.html 16:47 <ratliff> http://people.canonical.com/~ubuntu-security/cve/pkg/cableswig.html 16:47 <ratliff> http://people.canonical.com/~ubuntu-security/cve/pkg/sdcc.html 16:47 <ratliff> http://people.canonical.com/~ubuntu-security/cve/pkg/csound.html 16:47 <ratliff> http://people.canonical.com/~ubuntu-security/cve/pkg/p7zip.html 16:47 <ratliff> [TOPIC] Miscellaneous and Questions 16:48 <ratliff> Does anyone have any other questions or items to discuss? 16:49 <ratliff> chrisccoulson, jdstrand, sarnold, sbeattie: Thanks! 16:49 <ratliff> #endmeeting