== Meeting information == * #ubuntu-meeting Meeting, 22 May at 16:33 — 16:51 UTC * Full logs at [[http://ubottu.com/meetingology/logs/ubuntu-meeting/2017/ubuntu-meeting.2017-05-22-16.33.log.html]] == Meeting summary == ''LINK:'' https://wiki.ubuntu.com/SecurityTeam/Meeting === Sponsored Updates === The discussion about "Sponsored Updates" started at 16:34. === Join us! === The discussion about "Join us!" started at 16:34. === Weekly stand-up report === The discussion about "Weekly stand-up report" started at 16:35. === Highlighted packages === The discussion about "Highlighted packages" started at 16:49. * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/ruby-saml.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/icecast2.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/kinit.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/ruby-rest-client.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/jsoup.html === Miscellaneous and Questions === The discussion about "Miscellaneous and Questions" started at 16:49. == Vote results == == Done items == * (none) == People present (lines said) == * tyhicks (36) * sbeattie (9) * jjohansen (7) * ratliff (4) * ubottu (3) * meetingology (3) * sarnold (2) * acheronuk (2) == Full Log == 16:33 #startmeeting 16:33 Meeting started Mon May 22 16:33:46 2017 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:33 16:33 Available commands: action commands idea info link nick 16:33 The meeting agenda can be found at: 16:33 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:34 [TOPIC] Sponsored Updates 16:34 Jose Manuel Santamaria Lema (santa_) provided debdiffs for xenial and yakkety for kauth (LP: #1689759) 16:34 Launchpad bug 1689759 in kde4libs (Ubuntu Artful) "CVE 2017-8422 - kauth: Local privilege escalation" [High,Fix released] https://launchpad.net/bugs/1689759 16:34 Rik Mills (acheronuk) provided debdiffs for xenial and yakkety for kde4libs (LP: #1689759) 16:34 v.naini provided debdiffs for zesty for kauth and kde4libs (LP: #1689759) 16:34 Thank you for your assistance in keeping Ubuntu users secure! :) 16:34 [TOPIC] Join us! 16:34 The Ubuntu Security Team has an open position. Learn more and apply at http://bit.ly/SecEngJob 16:35 [TOPIC] Weekly stand-up report 16:35 sbeattie: you're up 16:35 I'm in the happy place this week 16:35 tyhicks: you're welcome 16:35 * acheronuk shuts up 16:35 heh 16:35 hey acheronuk :) 16:36 I have an embargoed issue that I'm working on 16:36 I've some kernel cve triage bits and signoffs to do 16:37 I'll go down the open list to work on another update as well. 16:37 Oh, kernel team pointed me at some minor qrt failures to address with the 4.11 kernel. 16:37 (config renames ,etc.) 16:38 that's probably my week. 16:38 tyhicks: you're up 16:38 I'm on community this week 16:38 I've got a few eCryptfs kernel patches to review 16:39 I'm trying my best to cover for Jamie on forum.snapcraft.io this week 16:40 I've got some internal tasks to do today 16:40 then I'll spend time on seccomp 16:40 that's it 16:40 jjohansen: you're up 16:41 I'll be coordinating with sbeattie on some apparmor regression test failures, bug 1659111 is known and a kernel change, I knew about it before pushing, and told them the fix will follow 16:41 I have poked a couple people on the securityfs patches so hopefully I will be doing any needed replies/revision for that 16:41 bug 1659111 in linux (Ubuntu Zesty) "UbuntuKVM guest crashed while running I/O stress test with Ubuntu kernel 4.4.0-47-generic" [High,In progress] https://launchpad.net/bugs/1659111 16:43 and I am working on finishing beating the patch queue for upstream into shape, largely still breaking a few things into smaller logical chunks that make sense and trying not to break bisecting 16:43 oh and I suppose maybe the fixes for some qrt regressions, maybe 16:45 jjohansen: was that the wrong bug number? did you mean bug 1692543? 16:45 bug 1692543 in apparmor (Ubuntu) "Regression tests cannot write to apparmor path_max module parameter in artful/4.11" [Undecided,New] https://launchpad.net/bugs/1692543 16:45 tyhicks: sorry yes 1692543, I grabbed the wrong line from irc :) 16:46 cool 16:46 I am going to push some more RFCs up this week, and I expect that to consume the rest of my time 16:47 so I think that is it for me 16:47 sarnold: you're up 16:47 i'm on bug triage this week; back to MIRs; AA patch reviews if those will be helpful. and internal tasks 16:47 that's it for me, chrisccoulson is out right?, so, ratliff? 16:48 I'm on CVE triage this week 16:48 I am finalizing an ESM update and will do the same update for Ubuntu Core 15 (rtmpdump) 16:48 Most of the week will be focused on internal tasks. 16:48 that's it for me, back to you tyhicks 16:49 thanks 16:49 [TOPIC] Highlighted packages 16:49 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:49 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:49 http://people.canonical.com/~ubuntu-security/cve/pkg/ruby-saml.html 16:49 http://people.canonical.com/~ubuntu-security/cve/pkg/icecast2.html 16:49 http://people.canonical.com/~ubuntu-security/cve/pkg/kinit.html 16:49 http://people.canonical.com/~ubuntu-security/cve/pkg/ruby-rest-client.html 16:49 http://people.canonical.com/~ubuntu-security/cve/pkg/jsoup.html 16:49 [TOPIC] Miscellaneous and Questions 16:49 Does anyone have any other questions or items to discuss? 16:51 sbeattie, jjohansen, sarnold, ratliff: Thanks! 16:51 #endmeeting Generated by MeetBot 0.1.5 (http://wiki.ubuntu.com/meetingology)