#ubuntu-meeting log

16:30 <tyhicks> #startmeeting
16:30 <meetingology> Meeting started Mon Jul 24 16:30:02 2017 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:30 <meetingology> 
16:30 <meetingology> Available commands: action commands idea info link nick
16:30 <tyhicks> The meeting agenda can be found at:
16:30 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:30 <tyhicks> [TOPIC] Announcements
16:30 <tyhicks> Simon Quigley (tsimonq2) provided debdiffs for trusty-artful for vlc (LP: #1693893)
16:30 <ubottu> Launchpad bug 1693893 in vlc (Ubuntu Artful) "Fix out-of-bounds read, potential heap buffer overflow, and other CVEs" [Undecided,Fix released] https://launchpad.net/bugs/1693893
16:30 <tyhicks> Thank you for your assistance in keeping Ubuntu users secure! :)
16:30 <tyhicks> [TOPIC] Weekly stand-up report
16:30 <tyhicks> jdstrand: you're up
16:30 <jdstrand> hey
16:31 <jdstrand> Last week I attended the Product sprint and didn't focus on development work.
16:31 <jdstrand> This week I plan to:
16:31 <jdstrand> * take outputs from the sprint and integrate them into trello, do follow-ups, etc
16:31 <jdstrand> * be responsive to various snappy PRs and feature discussions
16:31 <jdstrand> mdeslaur: you're up
16:31 <jdstrand> * continue on wayland and wayland desktop interfaces
16:31 <jdstrand> * followup on users/groups in snapd
16:31 <jdstrand> that's it from me
16:31 <mdeslaur> I'm in the happy place this week
16:31 <mdeslaur> I'm currently releasing some updates
16:31 <mdeslaur> and I have some more to work on
16:31 <mdeslaur> that's about it, sbeattie, you're up
16:32 <sbeattie> I'm on community this week
16:32 <sbeattie> I have openjdk-8 updates to test and publish, waiting on td aitx for openjdk-7
16:32 <sbeattie> I have some kernel signoff tasks to do
16:33 <sbeattie> also waiting for the xenial updates from the last round to publish USNs for (there was 4? respins)
16:33 <sbeattie> I'll work on the list of needed updates as well
16:33 <sbeattie> that's it for me. tyhicks?
16:34 <tyhicks> I'm on bug triage this week
16:34 <tyhicks> I have quite a bit of sprint followup up to do
16:35 <tyhicks> need to capture any missing notes from sessions
16:35 <tyhicks> still getting caught up on email that couldn't be tended to while I was sprinting last week
16:36 <tyhicks> I've identified what I think is a better potential solution for userspace being able to tell the kernel what seccomp actions it wants logged and I've started on that feature
16:36 <tyhicks> there's an fscrypt pam module that I need to review and package
16:36 <tyhicks> I also need to get to the bottom of fscrypt build tests and whether they're appropriate for running on the builders
16:37 <tyhicks> finally, I need to familiarize myself with the current LSM stacking patch set
16:37 <tyhicks> that's it for me
16:37 <tyhicks> jjohansen: you're up
16:37 <jjohansen> This week I am working on apparmor upstreaming. Specifically I need to give another once over to the various patches that are "done".
16:37 <jjohansen> I need to do a revision on the mount patch around pivot root.
16:37 <jjohansen> I need to finish up some stacking and namespace related revisions that I didn't manage to land in 4.13, and I need to continue with the networking patch revisions.
16:38 <jjohansen> I also need to poke some more at LSM stacking and finish with my linux plumbers booking.
16:38 <jjohansen> I think thats it for me
16:38 <jjohansen> sarnold: you're up
16:38 <sarnold> I'm on CVE triage this week, and running down the MIRs
16:38 <sarnold> that's it for me, chrisccoulson?
16:40 <chrisccoulson> I'll be spending a lot of time trying to get rust and cargo updated to the required versions this week
16:41 <chrisccoulson> And I'll probably spend some more time going through my list of spidermonkey patches to attempt backports too
16:41 <chrisccoulson> That's probably it for me - I've no other updates planned this week
16:42 <tyhicks> Emily is out so lets go to leosilva
16:42 <leosilva> I worked in some updtes last week - apport and some publishments.
16:42 <leosilva> this wee I want to finish mysql update, publish samba and get/search for new updates for precise/esm
16:43 <leosilva> that is for me.
16:43 <leosilva> tyhicks: it's back to you
16:43 <tyhicks> thanks
16:43 <tyhicks> [TOPIC] Highlighted packages
16:44 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
16:44 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:44 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/tt-rss.html
16:44 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/gtkwave.html
16:44 <tyhicks> [TOPIC] Miscellaneous and Questions
16:44 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/node-qs.html
16:44 <tyhicks> Does anyone have any other questions or items to discuss?
16:44 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/jetty9.html
16:44 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/r-base.html
16:46 <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson, leosilva: Thanks!
16:46 <tyhicks> #endmeeting