16:35 <tyhicks> #startmeeting 16:35 <meetingology> Meeting started Mon May 8 16:35:11 2017 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:35 <meetingology> 16:35 <meetingology> Available commands: action commands idea info link nick 16:35 <tyhicks> The meeting agenda can be found at: 16:35 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:35 <tyhicks> [TOPIC] Announcements 16:35 <tyhicks> Jeremy Bicha (jbicha) provided debdiffs for trusty-zesty for weechat (LP: #1686478) 16:35 <ubottu> Launchpad bug 1686478 in weechat (Ubuntu) " CVE-2017-8073 weechat remote crash" [Undecided,Fix released] https://launchpad.net/bugs/1686478 16:35 <mdeslaur> \o 16:35 <tyhicks> Thank you for your assistance in keeping Ubuntu users secure! :) 16:35 <tyhicks> [TOPIC] Weekly stand-up report 16:35 <tyhicks> jdstrand: you're up 16:35 <jdstrand> Got through a lot of the snappy PRs and store reviews the last two weeks. As of this second, caught up, but dbus activation and update-ns PRs are looming. All my PRs are merged 16:35 <jdstrand> picked up the uid/gid seccomp filtering branch since it sounds like people are assigned to worked on privilege dropping in snaps and this is a requirement for that work 16:35 <jdstrand> embargoed issue 16:35 <jdstrand> wayland/gnome/plasma and kubernetes-support after 16:36 <jdstrand> that's it from me 16:36 <jdstrand> mdeslaur: you're up 16:36 <mdeslaur> I'm on community this week 16:37 <mdeslaur> I have a whole bunch of updates I'm currently testing to release this week, including tomcat7, tomcat8, apache2, freetype, etc. 16:37 <mdeslaur> that's probably all I'll be doing 16:37 <mdeslaur> that it, sbeattie, you're up 16:37 <sbeattie> I'm on bug triage this week 16:38 <sbeattie> I've got openjdk-8 updates pending, and will hopefully have openjdk-7 soon. 16:38 <sbeattie> I'm also working on a libplist update 16:38 <sbeattie> I have some kernel signoff and triage to do. 16:38 <sbeattie> After that, I'll look for more updates to pick up 16:39 <sbeattie> That'll consume my week. 16:39 <sbeattie> tyhicks: over to you 16:39 <tyhicks> I'm on cve triage 16:39 <tyhicks> I've got a number of followups to do from the roadmap sprint last week 16:40 <tyhicks> I need to drive the design of the final bit of the seccomp kernel patches to completion 16:40 <tyhicks> I may also get a chance to start working with the fscrypto userspace code this week 16:41 <tyhicks> that's it for me 16:41 <tyhicks> jjohansen: you're up 16:41 <jjohansen> I am working on apparmor upstreaming this week 16:41 <jjohansen> I have a few bugs to follow-up on 16:42 <jjohansen> but other than that, it is all upstreaming work 16:42 <tyhicks> jjohansen: what specifically are you working on for upstreaming this week? 16:43 <tyhicks> a couple weeks ago it was dealing with apparmofs changes and checkpatch cleanups 16:43 * tyhicks is mainly curious if you've hit any blockers around those two 16:43 <jjohansen> I have a revised, smaller securityfs patch that I should be able to send up today. The securityfs portion is done, I am just doing some revision on the supporting apparmor bit 16:43 <jjohansen> it reduces the securityfs changes to just what is needed to support adding symlinks 16:44 <jjohansen> much smaller than the old change 16:44 <tyhicks> nice 16:44 <tyhicks> thanks 16:45 <jjohansen> there are still some check patch changes to do 16:45 <jjohansen> and I have a list of other random fixes that I know of to preform 16:47 <tyhicks> ok 16:47 <tyhicks> I had one more thing for myself. I need to retire precise from UCT and open precise/esm in UCT. 16:47 <mdeslaur> \o/ 16:47 <tyhicks> sarnold: I think jjohansen is done now 16:48 <sarnold> i'm in the happy place this week 16:48 <jjohansen> well, sure I was just digging up the list 16:48 <sarnold> returning to MIRs 16:48 <tyhicks> jjohansen: we can sync up on those details later 16:48 <sarnold> that's it for me, chrisccoulson? 16:48 <chrisccoulson> I've got chromium, firefox and thunderbird to release this week 16:48 <sarnold> wow 16:49 <chrisccoulson> I also need to finish my new script for automating symbol uploads, so I can stop doing it manually 16:49 <chrisccoulson> I'm not sure what else yet. That's me done 16:50 <tyhicks> ratliff: you're up 16:50 <ratliff> I'm in the happy place. I have a number of tasks from the sprint. 16:51 <ratliff> I'm going to work on an icu update for esm. 16:51 <ratliff> I'm going to instantiate the notification service. 16:51 <ratliff> If I have time, I will do an update for UC15. 16:51 <ratliff> that's it for me, back to you, tyhicks 16:51 <tyhicks> thanks 16:52 <tyhicks> [TOPIC] Highlighted packages 16:52 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:52 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:52 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/pyrad.html 16:52 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/plasma-workspace.html 16:52 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/pcs.html 16:52 <tyhicks> [TOPIC] Miscellaneous and Questions 16:52 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/claws-mail.html 16:52 <tyhicks> Does anyone have any other questions or items to discuss? 16:52 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/golang-github-appc-docker2aci.html 16:53 <sbeattie> tyhicks: not to discuss particularly, but related to what ratliff said, there's ESM infrastructure tasks that will need to be done. 16:54 <tyhicks> sbeattie: I think I've got most of the tasks to perform locally documented but you're right that we'll need to do some infrastructure things 16:54 <tyhicks> sbeattie: I'll try to knock those out today/tomorrow 16:54 <tyhicks> ratliff: fyi ^ 16:54 <sbeattie> tyhicks: sure, I'm happy to help there, too. 16:55 <ratliff> thanks, tyhicks and sbeattie 16:55 <tyhicks> ok 16:55 <mdeslaur> ratliff: does anything actually use icu in the esm packageset? 16:56 <tyhicks> shh 16:56 <tyhicks> there's a reason why it is the first :) 16:56 * mdeslaur shuts up 16:56 <tyhicks> it'll be a good test 16:57 <tyhicks> it is in the list but there's not much there that depends on it 16:57 <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson, ratliff: Thanks! 16:57 <mdeslaur> thanks tyhicks 16:57 <tyhicks> #endmeeting