#ubuntu-meeting log

16:31 <tyhicks> #startmeeting
16:31 <meetingology> Meeting started Mon Feb 13 16:31:57 2017 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:31 <meetingology> 
16:31 <meetingology> Available commands: action commands idea info link nick
16:32 <slashd> thanks rbasak for leading the discussion about the sru-upload, we appreciated it
16:32 <tyhicks> The meeting agenda can be found at:
16:32 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:32 <tyhicks> [TOPIC] Announcements
16:32 <tyhicks> James Page (jamespage) provided a debdiff for xenial for nova-lxd (LP: #1656847)
16:32 <ubottu> Launchpad bug 1656847 in nova-lxd (Ubuntu Zesty) "neutron security group rules not applied to nova-lxd containers" [High,Fix released] https://launchpad.net/bugs/1656847
16:32 <tyhicks> Jeremy Bicha (jbicha) provided debdiffs for yakkety for bubblewrap and flatpak (LP: #1657357)
16:32 <ubottu> Launchpad bug 1657357 in flatpak (Ubuntu) "bubblewrap escape via TIOCSTI ioctl" [Medium,Fix released] https://launchpad.net/bugs/1657357
16:32 <tyhicks> Jeremy Bicha (jbicha) worked to remove jasper from zesty (LP: #1612835)
16:32 <ubottu> Launchpad bug 1612835 in kopete (Ubuntu) "Please remove jasper from Zesty" [High,Fix released] https://launchpad.net/bugs/1612835
16:32 <tyhicks> Thank you for your assistance in keeping Ubuntu users secure! :)
16:32 <tyhicks> [TOPIC] Weekly stand-up report
16:32 <tyhicks> jdstrand: you're up
16:33 <jdstrand> hi!
16:33 <jdstrand> last week my dev work got preempted by lots and lots of reviews (store, documentation, Personal and other snapd PRs, snap-confine PRs) and helping with the snap-confine system vs core snap out-of-syncness issue on classic
16:33 <jdstrand> today, I'm catching up on store reviews, various mailing list and bug discussions from friday/weekend
16:33 <jdstrand> this week, I plan to continue with various PR and design reviews/discussions as I'm assigned to them. I know I already need to look at the gsettings patches, console access, 'notion of trust' in snappy, misc snap-confine PRs and lots of Personal PRs (unity8 policy, thumbnailer, media-hub, et al)
16:33 <jdstrand> assuming I can get to my non-review assigned dev work after, I plan to work on the next batch of miscellaneous policy updates and continue with more seccomp arg filtering policy
16:34 <jdstrand> (quite a bit of the seccomp arg filtering policy I pushed up landed already)
16:34 <jdstrand> that's it from me
16:34 <jdstrand> mdeslaur: you're up
16:35 <mdeslaur> I'm on triage this week
16:35 <mdeslaur> I was about to publish a webkit2gtk update, but the new version has a regression
16:35 <mdeslaur> I'm still working on php5 updates, should be publishing that this week
16:35 <mdeslaur> after that, I'll be going down the list, as usual
16:35 <mdeslaur> sbeattie: you're up
16:39 <tyhicks> I'll go and we can circle back
16:39 <tyhicks> I'm in the happy place this week
16:39 <tyhicks> finish testing and submit seccomp logging kernel patchset v3
16:39 <tyhicks> check on AppArmor Zesty upload (blocked by a perl upload)
16:39 <tyhicks> assist in landing the dconf/gsettings mediation
16:40 <tyhicks> tcpdump updates (bug #1662177)
16:40 <ubottu> bug 1662177 in tcpdump (Ubuntu) "tcpdump multiple CVEs" [Undecided,New] https://launchpad.net/bugs/1662177
16:40 <tyhicks> that's it for me
16:40 <tyhicks> jjohansen: you're up
16:40 <tyhicks> oh, short week for me
16:40 <tyhicks> I'm out tomorrow
16:41 <jjohansen> I'm finishing up the apparmor policy notification interface, and making any other revisions to the dconf work that might pop up
16:41 <jjohansen> once that is done I'll be back to upstreaming work, the next merge window is coming all too fast
16:42 <jjohansen> oh hrmm and it goes with out saying that revising the dconf/gsettings work is part of landing it
16:42 <jjohansen> which I'll be helping with
16:43 <tyhicks> I think that'll be a full week
16:43 <jjohansen> yep
16:43 <tyhicks> I haven't seen sarnold yet
16:43 <tyhicks> he's working on MIRs
16:43 <tyhicks> chrisccoulson: you're up
16:43 <jjohansen> yeah, I was just checking
16:43 <sarnold> (here)
16:43 <tyhicks> oh, go ahead
16:44 <chrisccoulson> This week, I'll be spending some more time getting rustc working everywhere
16:44 <sarnold> I'm community this week
16:44 <sarnold> whatever's not spent on community tasks will be MIRs :)
16:44 <chrisccoulson> Mozilla just bumped the minimum rustc version required to build firefox to 1.15.1, which is newer than we have in zesty, which is totally awesome
16:44 <chrisccoulson> oh
16:44 <sarnold> ow
16:44 <tyhicks> :(
16:44 <chrisccoulson> sarnold, carry on :)
16:45 <sarnold> I'm done :/
16:45 <chrisccoulson> ah, cool
16:45 <sarnold> because waiting a dozen hours for a toolchain before starting work on the browser sounds like such fun :(
16:45 <chrisccoulson> so, other than that, I'll be finishing off bug 1638852, and then a few other cleanups required to make the new UITK webview stable
16:45 <ubottu> bug 1638852 in Oxide "Add touch selection handles and quick menu to UbuntuWebView" [High,In progress] https://launchpad.net/bugs/1638852
16:45 <chrisccoulson> That's me done
16:45 <ratliff> I'm on bug triage this week.
16:46 <ratliff> I am working on updates for core and touch otherwise
16:46 <ratliff> sbeattie: around? if not, back to you tyhicks
16:47 <tyhicks> lets move on
16:47 <tyhicks> [TOPIC] Highlighted packages
16:47 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
16:47 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:47 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/pinpoint.html
16:47 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/gcc-4.9.html
16:47 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/libcsoap.html
16:47 <tyhicks> [TOPIC] Miscellaneous and Questions
16:47 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/gpw.html
16:47 <tyhicks> Does anyone have any other questions or items to discuss?
16:47 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/libxml-security-java.html
16:49 <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson, ratliff: Thanks!
16:49 <tyhicks> #endmeeting