16:35 <tyhicks> #startmeeting
16:35 <meetingology> Meeting started Mon May  8 16:35:11 2017 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:35 <meetingology> 
16:35 <meetingology> Available commands: action commands idea info link nick
16:35 <tyhicks> The meeting agenda can be found at:
16:35 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:35 <tyhicks> [TOPIC] Announcements
16:35 <tyhicks> Jeremy Bicha (jbicha) provided debdiffs for trusty-zesty for weechat (LP: #1686478)
16:35 <ubottu> Launchpad bug 1686478 in weechat (Ubuntu) " CVE-2017-8073 weechat remote crash" [Undecided,Fix released] https://launchpad.net/bugs/1686478
16:35 <mdeslaur> \o
16:35 <tyhicks> Thank you for your assistance in keeping Ubuntu users secure! :)
16:35 <tyhicks> [TOPIC] Weekly stand-up report
16:35 <tyhicks> jdstrand: you're up
16:35 <jdstrand> Got through a lot of the snappy PRs and store reviews the last two weeks. As of this second, caught up, but dbus activation and update-ns PRs are looming. All my PRs are merged
16:35 <jdstrand> picked up the uid/gid seccomp filtering branch since it sounds like people are assigned to worked on privilege dropping in snaps and this is a requirement for that work
16:35 <jdstrand> embargoed issue
16:35 <jdstrand> wayland/gnome/plasma and kubernetes-support after
16:36 <jdstrand> that's it from me
16:36 <jdstrand> mdeslaur: you're up
16:36 <mdeslaur> I'm on community this week
16:37 <mdeslaur> I have a whole bunch of updates I'm currently testing to release this week, including tomcat7, tomcat8, apache2, freetype, etc.
16:37 <mdeslaur> that's probably all I'll be doing
16:37 <mdeslaur> that it, sbeattie, you're up
16:37 <sbeattie> I'm on bug triage this week
16:38 <sbeattie> I've got openjdk-8 updates pending, and will hopefully have openjdk-7 soon.
16:38 <sbeattie> I'm also working on a libplist update
16:38 <sbeattie> I have some kernel signoff and triage to do.
16:38 <sbeattie> After that, I'll look for more updates to pick up
16:39 <sbeattie> That'll consume my week.
16:39 <sbeattie> tyhicks: over to you
16:39 <tyhicks> I'm on cve triage
16:39 <tyhicks> I've got a number of followups to do from the roadmap sprint last week
16:40 <tyhicks> I need to drive the design of the final bit of the seccomp kernel patches to completion
16:40 <tyhicks> I may also get a chance to start working with the fscrypto userspace code this week
16:41 <tyhicks> that's it for me
16:41 <tyhicks> jjohansen: you're up
16:41 <jjohansen> I am working on apparmor upstreaming this week
16:41 <jjohansen> I have a few bugs to follow-up on
16:42 <jjohansen> but other than that, it is all upstreaming work
16:42 <tyhicks> jjohansen: what specifically are you working on for upstreaming this week?
16:43 <tyhicks> a couple weeks ago it was dealing with apparmofs changes and checkpatch cleanups
16:43 * tyhicks is mainly curious if you've hit any blockers around those two
16:43 <jjohansen> I have a revised, smaller securityfs patch that I should be able to send up today. The securityfs portion is done, I am just doing some revision on the supporting apparmor bit
16:43 <jjohansen> it reduces the securityfs changes to just what is needed to support adding symlinks
16:44 <jjohansen> much smaller than the old change
16:44 <tyhicks> nice
16:44 <tyhicks> thanks
16:45 <jjohansen> there are still some check patch changes to do
16:45 <jjohansen> and I have a list of other random fixes that I know of to preform
16:47 <tyhicks> ok
16:47 <tyhicks> I had one more thing for myself. I need to retire precise from UCT and open precise/esm in UCT.
16:47 <mdeslaur> \o/
16:47 <tyhicks> sarnold: I think jjohansen is done now
16:48 <sarnold> i'm in the happy place this week
16:48 <jjohansen> well, sure I was just digging up the list
16:48 <sarnold> returning to MIRs
16:48 <tyhicks> jjohansen: we can sync up on those details later
16:48 <sarnold> that's it for me, chrisccoulson?
16:48 <chrisccoulson> I've got chromium, firefox and thunderbird to release this week
16:48 <sarnold> wow
16:49 <chrisccoulson> I also need to finish my new script for automating symbol uploads, so I can stop doing it manually
16:49 <chrisccoulson> I'm not sure what else yet. That's me done
16:50 <tyhicks> ratliff: you're up
16:50 <ratliff> I'm in the happy place. I have a number of tasks from the sprint.
16:51 <ratliff> I'm going to work on an icu update for esm.
16:51 <ratliff> I'm going to instantiate the notification service.
16:51 <ratliff> If I have time, I will do an update for UC15.
16:51 <ratliff> that's it for me, back to you, tyhicks
16:51 <tyhicks> thanks
16:52 <tyhicks> [TOPIC] Highlighted packages
16:52 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
16:52 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:52 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/pyrad.html
16:52 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/plasma-workspace.html
16:52 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/pcs.html
16:52 <tyhicks> [TOPIC] Miscellaneous and Questions
16:52 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/claws-mail.html
16:52 <tyhicks> Does anyone have any other questions or items to discuss?
16:52 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/golang-github-appc-docker2aci.html
16:53 <sbeattie> tyhicks: not to discuss particularly, but related to what ratliff said, there's ESM infrastructure tasks that will need to be done.
16:54 <tyhicks> sbeattie: I think I've got most of the tasks to perform locally documented but you're right that we'll need to do some infrastructure things
16:54 <tyhicks> sbeattie: I'll try to knock those out today/tomorrow
16:54 <tyhicks> ratliff: fyi ^
16:54 <sbeattie> tyhicks: sure, I'm happy to help there, too.
16:55 <ratliff> thanks, tyhicks and sbeattie
16:55 <tyhicks> ok
16:55 <mdeslaur> ratliff: does anything actually use icu in the esm packageset?
16:56 <tyhicks> shh
16:56 <tyhicks> there's a reason why it is the first :)
16:56 * mdeslaur shuts up
16:56 <tyhicks> it'll be a good test
16:57 <tyhicks> it is in the list but there's not much there that depends on it
16:57 <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson, ratliff: Thanks!
16:57 <mdeslaur> thanks tyhicks
16:57 <tyhicks> #endmeeting