16:35 #startmeeting 16:35 Meeting started Mon May 8 16:35:11 2017 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:35 16:35 Available commands: action commands idea info link nick 16:35 The meeting agenda can be found at: 16:35 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:35 [TOPIC] Announcements 16:35 Jeremy Bicha (jbicha) provided debdiffs for trusty-zesty for weechat (LP: #1686478) 16:35 Launchpad bug 1686478 in weechat (Ubuntu) " CVE-2017-8073 weechat remote crash" [Undecided,Fix released] https://launchpad.net/bugs/1686478 16:35 \o 16:35 Thank you for your assistance in keeping Ubuntu users secure! :) 16:35 [TOPIC] Weekly stand-up report 16:35 jdstrand: you're up 16:35 Got through a lot of the snappy PRs and store reviews the last two weeks. As of this second, caught up, but dbus activation and update-ns PRs are looming. All my PRs are merged 16:35 picked up the uid/gid seccomp filtering branch since it sounds like people are assigned to worked on privilege dropping in snaps and this is a requirement for that work 16:35 embargoed issue 16:35 wayland/gnome/plasma and kubernetes-support after 16:36 that's it from me 16:36 mdeslaur: you're up 16:36 I'm on community this week 16:37 I have a whole bunch of updates I'm currently testing to release this week, including tomcat7, tomcat8, apache2, freetype, etc. 16:37 that's probably all I'll be doing 16:37 that it, sbeattie, you're up 16:37 I'm on bug triage this week 16:38 I've got openjdk-8 updates pending, and will hopefully have openjdk-7 soon. 16:38 I'm also working on a libplist update 16:38 I have some kernel signoff and triage to do. 16:38 After that, I'll look for more updates to pick up 16:39 That'll consume my week. 16:39 tyhicks: over to you 16:39 I'm on cve triage 16:39 I've got a number of followups to do from the roadmap sprint last week 16:40 I need to drive the design of the final bit of the seccomp kernel patches to completion 16:40 I may also get a chance to start working with the fscrypto userspace code this week 16:41 that's it for me 16:41 jjohansen: you're up 16:41 I am working on apparmor upstreaming this week 16:41 I have a few bugs to follow-up on 16:42 but other than that, it is all upstreaming work 16:42 jjohansen: what specifically are you working on for upstreaming this week? 16:43 a couple weeks ago it was dealing with apparmofs changes and checkpatch cleanups 16:43 * tyhicks is mainly curious if you've hit any blockers around those two 16:43 I have a revised, smaller securityfs patch that I should be able to send up today. The securityfs portion is done, I am just doing some revision on the supporting apparmor bit 16:43 it reduces the securityfs changes to just what is needed to support adding symlinks 16:44 much smaller than the old change 16:44 nice 16:44 thanks 16:45 there are still some check patch changes to do 16:45 and I have a list of other random fixes that I know of to preform 16:47 ok 16:47 I had one more thing for myself. I need to retire precise from UCT and open precise/esm in UCT. 16:47 \o/ 16:47 sarnold: I think jjohansen is done now 16:48 i'm in the happy place this week 16:48 well, sure I was just digging up the list 16:48 returning to MIRs 16:48 jjohansen: we can sync up on those details later 16:48 that's it for me, chrisccoulson? 16:48 I've got chromium, firefox and thunderbird to release this week 16:48 wow 16:49 I also need to finish my new script for automating symbol uploads, so I can stop doing it manually 16:49 I'm not sure what else yet. That's me done 16:50 ratliff: you're up 16:50 I'm in the happy place. I have a number of tasks from the sprint. 16:51 I'm going to work on an icu update for esm. 16:51 I'm going to instantiate the notification service. 16:51 If I have time, I will do an update for UC15. 16:51 that's it for me, back to you, tyhicks 16:51 thanks 16:52 [TOPIC] Highlighted packages 16:52 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:52 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:52 http://people.canonical.com/~ubuntu-security/cve/pkg/pyrad.html 16:52 http://people.canonical.com/~ubuntu-security/cve/pkg/plasma-workspace.html 16:52 http://people.canonical.com/~ubuntu-security/cve/pkg/pcs.html 16:52 [TOPIC] Miscellaneous and Questions 16:52 http://people.canonical.com/~ubuntu-security/cve/pkg/claws-mail.html 16:52 Does anyone have any other questions or items to discuss? 16:52 http://people.canonical.com/~ubuntu-security/cve/pkg/golang-github-appc-docker2aci.html 16:53 tyhicks: not to discuss particularly, but related to what ratliff said, there's ESM infrastructure tasks that will need to be done. 16:54 sbeattie: I think I've got most of the tasks to perform locally documented but you're right that we'll need to do some infrastructure things 16:54 sbeattie: I'll try to knock those out today/tomorrow 16:54 ratliff: fyi ^ 16:54 tyhicks: sure, I'm happy to help there, too. 16:55 thanks, tyhicks and sbeattie 16:55 ok 16:55 ratliff: does anything actually use icu in the esm packageset? 16:56 shh 16:56 there's a reason why it is the first :) 16:56 * mdeslaur shuts up 16:56 it'll be a good test 16:57 it is in the list but there's not much there that depends on it 16:57 jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson, ratliff: Thanks! 16:57 thanks tyhicks 16:57 #endmeeting