16:30 <tyhicks> #startmeeting 16:30 <meetingology> Meeting started Mon Feb 6 16:30:54 2017 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:30 <meetingology> 16:30 <meetingology> Available commands: action commands idea info link nick 16:31 <tyhicks> The meeting agenda can be found at: 16:31 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:31 <tyhicks> there are no announcements today 16:31 <tyhicks> [TOPIC] Weekly stand-up report 16:31 <tyhicks> jdstrand: you're up 16:31 <jdstrand> hi! 16:31 <jdstrand> - several big PR reviews, in particular around Personal (unity8, maliit), but also others 16:31 <jdstrand> - continue with seccomp arg filtering snappy policy (6 were sent up, more to come) 16:31 <jdstrand> - various other snappy policy updates 16:31 <jdstrand> - move to miscellaneous review tools updates as have time 16:31 <jdstrand> mdeslaur: you're up 16:32 <mdeslaur> I'm i the happy place this week 16:32 <mdeslaur> I'm working on some updates 16:32 <mdeslaur> I'll pick more from the list after that 16:32 <mdeslaur> that's about it, sbeattie? 16:32 <sbeattie> I'm also in the happy place this week. 16:32 <sbeattie> I'll be focusing on updates this week. 16:33 <sbeattie> That's pretty much it for me. 16:33 <sbeattie> tyhicks: you're up 16:33 <tyhicks> I'm on community this week 16:33 <tyhicks> I need to prepare an apparmor SRU for bug 1661406 16:33 <ubottu> bug 1661406 in apparmor (Ubuntu Trusty) "apparmor failing to be purged on trusty" [Medium,Confirmed] https://launchpad.net/bugs/1661406 16:34 <tyhicks> that's the only regression, due to the big SRU, that I'm aware of on Trusty but let me know if you want me to include any other changes in my upload 16:35 <tyhicks> it looks like I have a few good security sponsorings to do this week 16:35 <tyhicks> I'd still like to upload apparmor 2.11 to zesty 16:35 <tyhicks> I expect to have some followup discussions and some libseccomp work fall out of the seccomp kernel patches that I sent up last week 16:36 <tyhicks> I have a little bit of libvirt apparmor research to do around what it would take to dynamically update the policy when someone adjusts the disk image path via `virsh edit` 16:36 <tyhicks> that's it for me 16:36 <tyhicks> jj is out 16:37 <tyhicks> sarnold: you're up 16:37 <sarnold> I'm on bug triage this week, working my way down the MIRs; I'm very nearly finished with the mellon apache auth module, so advice on next one to start would be appreciated 16:37 <sarnold> that's it for me, chrisccoulson? 16:38 <chrisccoulson> I'm hoping to publish oxide updates this week. I was hoping to do it last week but they're blocked because I have to wait for the stable overlay PPA to be updated first 16:38 <chrisccoulson> I'll also probably have to do a firefox update again (there's another point release) 16:39 <chrisccoulson> I need to figure out why firefox crashes on arm, which currently prevents the build from completing 16:39 <jdstrand> tyhicks: talk to me about virsh edit. this sounds like something that libvirt should be handling already 16:40 <chrisccoulson> Other than that, I'll be working on bug 1638852 16:40 <ubottu> bug 1638852 in Oxide "Add touch selection handles and quick menu to UbuntuWebView" [High,In progress] https://launchpad.net/bugs/1638852 16:40 <jdstrand> tyhicks: (ie, outside of this meeting) 16:40 <tyhicks> jdstrand: will do - thanks 16:40 <chrisccoulson> And no doubt I'll spend a bit of time crying about rust 16:40 <chrisccoulson> That's me done 16:40 <chrisccoulson> oh no 16:40 <ratliff> I'm on CVE triage this week 16:40 <tyhicks> chrisccoulson: looks like you're still expecting chromium-browser updates too 16:40 <chrisccoulson> 1 more thing 16:40 <chrisccoulson> Firefox/GCC4.9 on trusty doesn't run either, so I need to figure that out 16:41 <chrisccoulson> Really done now :) 16:41 <chrisccoulson> sorry 16:41 <ratliff> :-) 16:41 <ratliff> I'm triaging CVEs this week. 16:41 <chrisccoulson> tyhicks, ack 16:41 <ratliff> And still recovering from being sick. 16:41 <ratliff> I am still working on updates for core (15.04) and touch. 16:42 <ratliff> I will be out for 1/2 day on Friday. 16:42 <ratliff> back to you, tyhicks 16:43 <tyhicks> thanks 16:43 <tyhicks> [TOPIC] Highlighted packages 16:43 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:43 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:43 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/lib3ds.html 16:43 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/hesiod.html 16:43 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/newlib.html 16:43 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/teeworlds.html 16:43 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/libssh2.html 16:43 <tyhicks> [TOPIC] Miscellaneous and Questions 16:43 <tyhicks> Does anyone have any other questions or items to discuss? 16:44 <tyhicks> jdstrand, mdeslaur, sbeattie, sarnold, ChrisCoulson, ratliff: Thanks! 16:44 <tyhicks> #endmeeting