#ubuntu-meeting log

16:30 <tyhicks> #startmeeting
16:30 <meetingology> Meeting started Mon Feb  6 16:30:54 2017 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:30 <meetingology> 
16:30 <meetingology> Available commands: action commands idea info link nick
16:31 <tyhicks> The meeting agenda can be found at:
16:31 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:31 <tyhicks> there are no announcements today
16:31 <tyhicks> [TOPIC] Weekly stand-up report
16:31 <tyhicks> jdstrand: you're up
16:31 <jdstrand> hi!
16:31 <jdstrand> - several big PR reviews, in particular around Personal (unity8, maliit), but also others
16:31 <jdstrand> - continue with seccomp arg filtering snappy policy (6 were sent up, more to come)
16:31 <jdstrand> - various other snappy policy updates
16:31 <jdstrand> - move to miscellaneous review tools updates as have time
16:31 <jdstrand> mdeslaur: you're up
16:32 <mdeslaur> I'm i the happy place this week
16:32 <mdeslaur> I'm working on some updates
16:32 <mdeslaur> I'll pick more from the list after that
16:32 <mdeslaur> that's about it, sbeattie?
16:32 <sbeattie> I'm also in the happy place this week.
16:32 <sbeattie> I'll be focusing on updates this week.
16:33 <sbeattie> That's pretty much it for me.
16:33 <sbeattie> tyhicks: you're up
16:33 <tyhicks> I'm on community this week
16:33 <tyhicks> I need to prepare an apparmor SRU for bug 1661406
16:33 <ubottu> bug 1661406 in apparmor (Ubuntu Trusty) "apparmor failing to be purged on trusty" [Medium,Confirmed] https://launchpad.net/bugs/1661406
16:34 <tyhicks> that's the only regression, due to the big SRU, that I'm aware of on Trusty but let me know if you want me to include any other changes in my upload
16:35 <tyhicks> it looks like I have a few good security sponsorings to do this week
16:35 <tyhicks> I'd still like to upload apparmor 2.11 to zesty
16:35 <tyhicks> I expect to have some followup discussions and some libseccomp work fall out of the seccomp kernel patches that I sent up last week
16:36 <tyhicks> I have a little bit of libvirt apparmor research to do around what it would take to dynamically update the policy when someone adjusts the disk image path via `virsh edit`
16:36 <tyhicks> that's it for me
16:36 <tyhicks> jj is out
16:37 <tyhicks> sarnold: you're up
16:37 <sarnold> I'm on bug triage this week, working my way down the MIRs; I'm very nearly finished with the mellon apache auth module, so advice on next one to start would be appreciated
16:37 <sarnold> that's it for me, chrisccoulson?
16:38 <chrisccoulson> I'm hoping to publish oxide updates this week. I was hoping to do it last week but they're blocked because I have to wait for the stable overlay PPA to be updated first
16:38 <chrisccoulson> I'll also probably have to do a firefox update again (there's another point release)
16:39 <chrisccoulson> I need to figure out why firefox crashes on arm, which currently prevents the build from completing
16:39 <jdstrand> tyhicks: talk to me about virsh edit. this sounds like something that libvirt should be handling already
16:40 <chrisccoulson> Other than that, I'll be working on bug 1638852
16:40 <ubottu> bug 1638852 in Oxide "Add touch selection handles and quick menu to UbuntuWebView" [High,In progress] https://launchpad.net/bugs/1638852
16:40 <jdstrand> tyhicks: (ie, outside of this meeting)
16:40 <tyhicks> jdstrand: will do - thanks
16:40 <chrisccoulson> And no doubt I'll spend a bit of time crying about rust
16:40 <chrisccoulson> That's me done
16:40 <chrisccoulson> oh no
16:40 <ratliff> I'm on CVE triage this week
16:40 <tyhicks> chrisccoulson: looks like you're still expecting chromium-browser updates too
16:40 <chrisccoulson> 1 more thing
16:40 <chrisccoulson> Firefox/GCC4.9 on trusty doesn't run either, so I need to figure that out
16:41 <chrisccoulson> Really done now :)
16:41 <chrisccoulson> sorry
16:41 <ratliff> :-)
16:41 <ratliff> I'm triaging CVEs this week.
16:41 <chrisccoulson> tyhicks, ack
16:41 <ratliff> And still recovering from being sick.
16:41 <ratliff> I am still working on updates for core (15.04) and touch.
16:42 <ratliff> I will be out for 1/2 day on Friday.
16:42 <ratliff> back to you, tyhicks
16:43 <tyhicks> thanks
16:43 <tyhicks> [TOPIC] Highlighted packages
16:43 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
16:43 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:43 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/lib3ds.html
16:43 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/hesiod.html
16:43 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/newlib.html
16:43 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/teeworlds.html
16:43 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/libssh2.html
16:43 <tyhicks> [TOPIC] Miscellaneous and Questions
16:43 <tyhicks> Does anyone have any other questions or items to discuss?
16:44 <tyhicks> jdstrand, mdeslaur, sbeattie, sarnold, ChrisCoulson, ratliff: Thanks!
16:44 <tyhicks> #endmeeting