#ubuntu-meeting log

16:42 <tyhicks> #startmeeting
16:42 <meetingology> Meeting started Mon Feb 27 16:42:07 2017 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:42 <meetingology> 
16:42 <meetingology> Available commands: action commands idea info link nick
16:42 <tyhicks> The meeting agenda can be found at:
16:42 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:42 <tyhicks> [TOPIC] Announcements
16:42 <tyhicks> Andreas Cadhalpun provided debdiffs for xenial and yakkety for ffmpeg (LP: #1664402 #1664403)
16:42 <ubottu> Launchpad bug 1664402 in ffmpeg (Ubuntu) "FFmpeg security fixes February 2017 (yakkety)" [Medium,Fix released] https://launchpad.net/bugs/1664402
16:42 <tyhicks> Paul Gevers (elbrus) provided debdiffs for trusty and xenial for cacti (LP: #1663891)
16:42 <ubottu> Launchpad bug 1663891 in cacti (Ubuntu Trusty) "Security uploads for cacti (trusty and xenial)" [High,Fix released] https://launchpad.net/bugs/1663891
16:42 <tyhicks> Brian Morton (rokclimb15) provided debdiffs for precise-yakkety for libssh2 (LP: #1664812)
16:42 <ubottu> Launchpad bug 1664812 in libssh2 (Ubuntu) "CVE-2016-0787" [Medium,Fix released] https://launchpad.net/bugs/1664812
16:42 <tyhicks> Gianfranco Costamagna (LocutusOfBorg) provided debdiffs for trusty-yakkety for tcpdump (LP: #1662177)
16:42 <ubottu> Launchpad bug 1662177 in tcpdump (Ubuntu) "tcpdump multiple CVEs" [Medium,Fix released] https://launchpad.net/bugs/1662177
16:42 <tyhicks> Thank you for your assistance in keeping Ubuntu users secure! :)
16:42 <tyhicks> [TOPIC] Weekly stand-up report
16:42 <tyhicks> jdstrand: you're up
16:42 <jdstrand> hi!
16:43 <jdstrand> this week I plan to work on:
16:43 <jdstrand> various snappy PR reviews (snap-confine, Personal, et al interfaces) and store reviews
16:43 <jdstrand> review gsettings patches
16:43 <jdstrand> various policy updates for 2.23
16:43 <jdstrand> that's it for me
16:43 <jdstrand> continue seccomp arg filtering policy
16:43 <jdstrand> mdeslaur: you're up
16:44 <mdeslaur> I'm on community this week
16:44 <mdeslaur> and I'm about to release tiff updates
16:44 <mdeslaur> and I'll be going down the list
16:44 <mdeslaur> that's about it, sbeattie, you're up
16:46 <sbeattie> I'm on bug triage this week
16:46 <sbeattie> I also have kernel signoffs to do.
16:46 <sbeattie> after that, I'll also be focusing on updates
16:47 <sbeattie> that's pretty much it for me. tyhicks, you're up
16:47 <tyhicks> I'm on cve triage this week
16:48 <tyhicks> I need to propose a bit of a design change for the seccomp kernel patches and send out revision 5 of the set
16:48 <tyhicks> need to circle back to the apparmor utils patch set to fix something that cboltz requested and then send out revision 2 of the set
16:49 <tyhicks> I have a design review to do
16:49 <tyhicks> and right now I'm fighting with configuration issues on my new laptop so I need to spend a little time smoothing those out
16:49 <tyhicks> that's it for me
16:49 <tyhicks> jjohansen: you're up
16:49 <jjohansen> I need to revise the gsetting patches based on review feedback, and send out the notification patchset so it can be reviewed
16:49 <jjohansen> and I need to get back to upstreaming work, I am hoping to get an RFC out this week so I can do another pull request in a few weeks
16:49 <jjohansen> oh and there some bugs, I need to follow up on.
16:51 <jjohansen> that is it for me, sarnold
16:51 <sarnold> I'm in the happy place this week; I'm going to release the shadow update, finish the lasso mir, AA patch reviews, and then move down the list of MIRs
16:51 <sarnold> that's it for me, chrisccoulson?
16:52 <chrisccoulson> I plan to get our firefox packages building with rust by the end of the week
16:52 <chrisccoulson> I've also got to start preparing the next update, which is next week
16:52 <chrisccoulson> Before I do that, I need to fix our menubar patch which currently makes it crash thanks to a late change in firefox
16:53 <chrisccoulson> I also need to unbreak ubufox (bug 1648649)
16:53 <ubottu> bug 1648649 in ubufox (Ubuntu) "Ubufox is broken in Firefox Nightly, due to using no-longer-supported "for each" syntax. Error console now shows "SyntaxError: missing ( after for UpdateNotifier.js:217:8"" [High,Triaged] https://launchpad.net/bugs/1648649
16:53 <chrisccoulson> Other than that, I've got 2 large code reviews to do for oxide
16:53 <chrisccoulson> I suspect I might not get much else done this week
16:53 <chrisccoulson> that's me done
16:53 <ratliff> I'm in the happy place this week
16:53 <ratliff> I'm still working on vivid updates for Core and Touch
16:54 <ratliff> back to you, tyhicks
16:54 <tyhicks> thanks!
16:54 <tyhicks> [TOPIC] Highlighted packages
16:54 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
16:54 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:54 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/php-openid.html
16:54 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/sleekxmpp.html
16:54 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/collectd.html
16:54 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/vxl.html
16:54 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/libpdfbox-java.html
16:54 <tyhicks> [TOPIC] Miscellaneous and Questions
16:54 <tyhicks> Does anyone have any other questions or items to discuss?
16:54 <chrisccoulson> oh, I need to sponsor chromium too :)
16:56 <tyhicks> ack
16:56 <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson, ratliff: Thanks!
16:56 <tyhicks> #endmeeting