#ubuntu-meeting log

16:31 <tyhicks> #startmeeting
16:31 <meetingology> Meeting started Mon Apr 24 16:31:12 2017 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:31 <meetingology> 
16:31 <meetingology> Available commands: action commands idea info link nick
16:31 <tyhicks> The meeting agenda can be found at:
16:31 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:31 <tyhicks> [TOPIC] Weekly stand-up report
16:31 <tyhicks> jdstrand: you're up
16:31 <mdeslaur> \o
16:35 <tyhicks> mdeslaur: go ahead (we'll circle back)
16:35 <mdeslaur> I'm on triage this week
16:35 <mdeslaur> I'm currently testing samba and qemu updates for zesty
16:35 <mdeslaur> after that, I'll be doing mysql updates since we're running late on them
16:36 <mdeslaur> after that, I have nss and ca-certificates updates planned
16:36 <mdeslaur> that's probably my next couple of weeks
16:36 <mdeslaur> sbeattie: you're up
16:36 <sbeattie> I'm in the happy place this week
16:36 <sbeattie> I'm working on libxslt updates
16:36 <sbeattie> I will have some kernel USNs to write
16:37 <sbeattie> I expect to get handed some openjdk packages to test and publish this week
16:37 <sbeattie> There's some apparmor things I want to look at, and some qrt things to fix as well.
16:37 <sbeattie> That's probably my week
16:37 <sbeattie> tyhicks: over to you.
16:37 <tyhicks> I'm in the happy place this week
16:38 <tyhicks> I am coordinating an embargoed issue
16:38 <tyhicks> I still need to sponsor mozjs38 security update from my community duties last week
16:38 <tyhicks> I have sprint prep
16:38 <tyhicks> and I'd like to pick up my seccomp work again
16:38 <tyhicks> short week - off on Friday
16:39 <tyhicks> jjohansen: go ahead
16:39 <jjohansen> I am continuing my work on upstreaming apparmor, I need to finish chasing down a bug in the securityfs interface work and get that posted, and push out a kernel for testing the fix for bug 1669611, which means I can repush the fix for bug 1660846
16:39 <ubottu> bug 1669611 in linux (Ubuntu Zesty) "Regression in 4.4.0-65-generic causes very frequent system crashes" [Critical,Fix released] https://launchpad.net/bugs/1669611
16:39 <ubottu> bug 1660846 in linux (Ubuntu Yakkety) "apparmor leaking securityfs pin count" [Undecided,Triaged] https://launchpad.net/bugs/1660846
16:39 <jdstrand> tyhicks: (sorry I got distracted by an irc ocnversation)
16:40 <jjohansen> I also have queued up several other fixes that I should SRU this week 1679704, 1678048
16:40 <jjohansen> and a couple others I don't have bugs for yet
16:41 <jjohansen> then I can poke at more of the checkpatch cleanups I need for the next upstream push
16:41 <jjohansen> I think that is it for me, sarnold you are up
16:42 <sarnold> I'm on community this week; still plugging away at shadow and then the MIRs..
16:42 <sarnold> that's it for me, chrisccoulson?
16:43 <chrisccoulson> I've got thunderbird and chromium updates to do this week
16:43 <chrisccoulson> Also, on my non-oxide backlog of tasks, I've got an item to re-automate the uploading of firefox debug symbols to mozilla's symbol server, which I plan to do this week
16:44 <chrisccoulson> And I've got some firefox build failures to fix too
16:44 <chrisccoulson> I think that's me done
16:44 <ratliff> I'm on bug triage
16:45 <ratliff> I will be working predominantly on sprint prep and some analysis work that falls out of that work.
16:45 <ratliff> jdstrand: you're up
16:45 <jdstrand> last week was dominated by PR reviews, store reviews and responding to snappy forum topics. One notable topic I offered to start in an effort to get attention on the topic was https://forum.snapcraft.io/t/snappy-and-users-and-groups/331
16:46 <jdstrand> I did manage to resurrect the various outstanding seccomp arg filtering branches (as planned) but still have some work to do there. I did discuss wayland interfaces a bit and coordinated with the desktop team on that work, but didn't get much farther on my bits. I submitted some PRs for various policy fixes
16:46 <jdstrand> I did not work on pam/stacking docs (no time)
16:46 <jdstrand> this week I plan to:
16:46 <jdstrand> - continue various ongoing and new snappy PR reviews (notably, bash completion, dbus session services, snap-update-ns and migrate Xauthority, but more as needed)
16:46 <jdstrand> - various policy fixes
16:46 <jdstrand> - keep plugging away at seccomp arg filtering (specifically fix the mknod branch and pick up the uid/gid branch)
16:46 <jdstrand> - wayland/gnome/plasma interfaces as have time
16:46 <jdstrand> - pam/stacking docs if have time
16:46 <jdstrand> that's it from me
16:46 <ratliff> back to you, tyhicks
16:47 <tyhicks> thanks
16:47 <tyhicks> [TOPIC] Highlighted packages
16:47 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
16:47 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:47 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/xrdp.html
16:47 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/efl.html
16:47 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/tqdm.html
16:47 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/mariadb-10.1.html
16:47 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/tcptrack.html
16:47 <tyhicks> [TOPIC] Miscellaneous and Questions
16:48 <tyhicks> Does anyone have any other questions or items to discuss?
16:48 <tyhicks> I have one topic
16:48 <tyhicks> mdeslaur, sbeattie, sarnold: we need to do https://wiki.ubuntu.com/SecurityTeam/ReleaseCycle#Devel_Opens
16:48 <tyhicks> mdeslaur, sbeattie, sarnold: any takers?
16:48 <sarnold> sure, I'll grab it
16:49 <tyhicks> thanks sarnold :)
16:49 <mdeslaur> IT'S A TRAP!
16:49 <mdeslaur> ;)
16:49 <sarnold> :D
16:49 <sarnold> there's that one 'update the pretend spreadsheet in vim' step that always baffles me
16:50 <mdeslaur> yes, that was pretty much the trap I was referring to :)
16:50 <tyhicks> heh
16:50 <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson, ratliff: Thanks!
16:50 <sarnold> I seem to recall thinking that it'd be easier to figure it out and then write down a macro for vim :)
16:50 <tyhicks> #endmeeting