16:30 <tyhicks> #startmeeting 16:30 <meetingology> Meeting started Mon Jul 24 16:30:02 2017 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:30 <meetingology> 16:30 <meetingology> Available commands: action commands idea info link nick 16:30 <tyhicks> The meeting agenda can be found at: 16:30 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:30 <tyhicks> [TOPIC] Announcements 16:30 <tyhicks> Simon Quigley (tsimonq2) provided debdiffs for trusty-artful for vlc (LP: #1693893) 16:30 <ubottu> Launchpad bug 1693893 in vlc (Ubuntu Artful) "Fix out-of-bounds read, potential heap buffer overflow, and other CVEs" [Undecided,Fix released] https://launchpad.net/bugs/1693893 16:30 <tyhicks> Thank you for your assistance in keeping Ubuntu users secure! :) 16:30 <tyhicks> [TOPIC] Weekly stand-up report 16:30 <tyhicks> jdstrand: you're up 16:30 <jdstrand> hey 16:31 <jdstrand> Last week I attended the Product sprint and didn't focus on development work. 16:31 <jdstrand> This week I plan to: 16:31 <jdstrand> * take outputs from the sprint and integrate them into trello, do follow-ups, etc 16:31 <jdstrand> * be responsive to various snappy PRs and feature discussions 16:31 <jdstrand> mdeslaur: you're up 16:31 <jdstrand> * continue on wayland and wayland desktop interfaces 16:31 <jdstrand> * followup on users/groups in snapd 16:31 <jdstrand> that's it from me 16:31 <mdeslaur> I'm in the happy place this week 16:31 <mdeslaur> I'm currently releasing some updates 16:31 <mdeslaur> and I have some more to work on 16:31 <mdeslaur> that's about it, sbeattie, you're up 16:32 <sbeattie> I'm on community this week 16:32 <sbeattie> I have openjdk-8 updates to test and publish, waiting on td aitx for openjdk-7 16:32 <sbeattie> I have some kernel signoff tasks to do 16:33 <sbeattie> also waiting for the xenial updates from the last round to publish USNs for (there was 4? respins) 16:33 <sbeattie> I'll work on the list of needed updates as well 16:33 <sbeattie> that's it for me. tyhicks? 16:34 <tyhicks> I'm on bug triage this week 16:34 <tyhicks> I have quite a bit of sprint followup up to do 16:35 <tyhicks> need to capture any missing notes from sessions 16:35 <tyhicks> still getting caught up on email that couldn't be tended to while I was sprinting last week 16:36 <tyhicks> I've identified what I think is a better potential solution for userspace being able to tell the kernel what seccomp actions it wants logged and I've started on that feature 16:36 <tyhicks> there's an fscrypt pam module that I need to review and package 16:36 <tyhicks> I also need to get to the bottom of fscrypt build tests and whether they're appropriate for running on the builders 16:37 <tyhicks> finally, I need to familiarize myself with the current LSM stacking patch set 16:37 <tyhicks> that's it for me 16:37 <tyhicks> jjohansen: you're up 16:37 <jjohansen> This week I am working on apparmor upstreaming. Specifically I need to give another once over to the various patches that are "done". 16:37 <jjohansen> I need to do a revision on the mount patch around pivot root. 16:37 <jjohansen> I need to finish up some stacking and namespace related revisions that I didn't manage to land in 4.13, and I need to continue with the networking patch revisions. 16:38 <jjohansen> I also need to poke some more at LSM stacking and finish with my linux plumbers booking. 16:38 <jjohansen> I think thats it for me 16:38 <jjohansen> sarnold: you're up 16:38 <sarnold> I'm on CVE triage this week, and running down the MIRs 16:38 <sarnold> that's it for me, chrisccoulson? 16:40 <chrisccoulson> I'll be spending a lot of time trying to get rust and cargo updated to the required versions this week 16:41 <chrisccoulson> And I'll probably spend some more time going through my list of spidermonkey patches to attempt backports too 16:41 <chrisccoulson> That's probably it for me - I've no other updates planned this week 16:42 <tyhicks> Emily is out so lets go to leosilva 16:42 <leosilva> I worked in some updtes last week - apport and some publishments. 16:42 <leosilva> this wee I want to finish mysql update, publish samba and get/search for new updates for precise/esm 16:43 <leosilva> that is for me. 16:43 <leosilva> tyhicks: it's back to you 16:43 <tyhicks> thanks 16:43 <tyhicks> [TOPIC] Highlighted packages 16:44 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:44 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:44 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/tt-rss.html 16:44 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/gtkwave.html 16:44 <tyhicks> [TOPIC] Miscellaneous and Questions 16:44 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/node-qs.html 16:44 <tyhicks> Does anyone have any other questions or items to discuss? 16:44 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/jetty9.html 16:44 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/r-base.html 16:46 <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson, leosilva: Thanks! 16:46 <tyhicks> #endmeeting