#ubuntu-meeting log

16:32 <tyhicks> #startmeeting
16:32 <meetingology> Meeting started Mon Sep 18 16:32:13 2017 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:32 <meetingology> 
16:32 <meetingology> Available commands: action commands idea info link nick
16:32 <tyhicks> The meeting agenda can be found at:
16:32 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:32 <tyhicks> [TOPIC] Announcements
16:32 <tyhicks> Ismail Belkacim provided a debdiff for xenial for phpldapadmin (LP: #1701731)
16:32 <ubottu> Launchpad bug 1701731 in phpldapadmin (Ubuntu) "phpLDAPadmin <= 1.2.3 'entry_chooser.php' Multiple Cross-Site Scripting" [Undecided,Triaged] https://launchpad.net/bugs/1701731
16:32 <tyhicks> Thank you for your assistance in keeping Ubuntu users secure! :)
16:32 <tyhicks> [TOPIC] Weekly stand-up report
16:32 <tyhicks> jdstrand: you're up
16:32 <jdstrand> hey
16:32 <jdstrand> This week I plan to:
16:32 <jdstrand> * finish the reviews surrounding snapd layouts feature PR reviews (PR 3621)
16:32 <jdstrand> * get back to investigating device cgroup issues in snapd
16:33 <jdstrand> * start next steps of uid/gid work in snapd
16:33 <jdstrand> that's it for me. mdeslaur, you're up
16:33 <mdeslaur> I'm on triage this week
16:33 <mdeslaur> I'm working on apache updates
16:33 <mdeslaur> and I'm about to publish a bind9 regression fix that also contains new dnssec keys
16:33 <mdeslaur> I'll be picking up something else from the list after that
16:33 <mdeslaur> that's it, sbeattie, you're up
16:33 <sbeattie> I'm in the happy place this week
16:33 <tyhicks> oh, good idea bundling the two
16:34 <sbeattie> yeah, that's a nice one
16:34 <sbeattie> I'm working on publishing kernel USNs, as they went out this morning.
16:34 <sbeattie> I'm also working on libxml2 updates
16:35 <sbeattie> I'll pick up another one or two updates this week
16:35 <sbeattie> I need to do a bit of sprint prep
16:35 <sbeattie> and I have some apparmor reviews that have been languishing.
16:35 <sbeattie> that's it for me. tyhicks?
16:36 <tyhicks> I'm in the happy place this week
16:36 <tyhicks> I just finished addressing (and retesting) feedback items that came up in my libseccomp PR
16:37 <tyhicks> I'll be updating the PR shortly
16:37 <tyhicks> I'm also going to prepare a very minimal libseccomp upload for artful
16:37 <tyhicks> I have some Linux Security Summit followups
16:37 <tyhicks> need to finish packaging/testing fscrypt 0.2.1
16:37 <tyhicks> I'll likely have some Rally prep
16:37 <tyhicks> and I have an embargoed issue
16:37 <tyhicks> that's it for me
16:37 <tyhicks> jjohansen: you're up
16:38 <jjohansen> so I have to do a few followup items from hallway track discussions, get some pointers to things posted etc.
16:39 <jjohansen> I have a bit of prep to do for the upcoming Ralley
16:39 <jjohansen> I have a revision of the LSM stacking patches to get ready for the kt
16:40 <jjohansen> and then its back to working on the revision of apparmor unix socket mediation so we can get it into the next pull request
16:40 <jjohansen> thats it for me, sarnold you're up
16:41 <sarnold> I'm on community this week; I own john some apparmor patch reviews, then return to the python-pyelftools MIR, then rally prep
16:41 <sarnold> s/own/owe/
16:41 <sarnold> I'll probably start another MIR this week so I'd appreciate a new top priority MIR pointer
16:41 <sarnold> that's it for me, chrisccoulson?
16:42 <chrisccoulson> I've got firefox to update this week, although I'm still working through some issues with that
16:42 <chrisccoulson> last week I had to spend quite a bit of time making the unity menubar patch work again, which is quite neglected now that I'm not using unity
16:43 <chrisccoulson> I've got a trusty build failure to fix, which I think I've figured out just now
16:44 <chrisccoulson> And there's an issue with safe browsing to figure out too (it doesn't work in our builds since mozilla switched to the new API)
16:44 <chrisccoulson> Other than that, I've got chromium to test and publish
16:44 <chrisccoulson> And no doubt I'll be spending more time updating rust and pulling hair out
16:44 <chrisccoulson> that's me done
16:44 <ratliff> I'm in the happy place this week.
16:45 <ratliff> I will spend some time doing default install audits
16:45 <ratliff> I want to pull some images from the kpis to put into the weekly reports, so I will spend some time there and on other technical documentation tasks, and organizational tasks.
16:46 <ratliff> leosilva: you are up next
16:46 <leosilva> I'm bug triage this week.
16:46 <leosilva> I get some updates to do and will keep hunting them during this week.
16:46 <leosilva> that is for me, tyhicks , it's back to you
16:47 <tyhicks> thanks
16:47 <tyhicks> [TOPIC] Highlighted packages
16:47 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
16:47 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:47 <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/festival.html
16:47 <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/torbrowser-launcher.html
16:47 <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/gosa.html
16:47 <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/thrift-compiler.html
16:47 <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/ceph-deploy.html
16:48 <tyhicks> [TOPIC] Miscellaneous and Questions
16:48 <tyhicks> Does anyone have any other questions or items to discuss?
16:50 <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson, ratliff, leosilva: Thanks!
16:50 <ratliff> thank you, tyhicks!
16:50 <tyhicks> #endmeeting