16:31 <tyhicks> #startmeeting 16:31 <meetingology> Meeting started Mon Oct 16 16:31:48 2017 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:31 <meetingology> 16:31 <meetingology> Available commands: action commands idea info link nick 16:31 <mdeslaur> \o 16:32 <tyhicks> The meeting agenda can be found at: 16:32 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:32 <tyhicks> [TOPIC] Announcements 16:32 <tyhicks> Simon Quigley (tsimonq2) provided debdiffs for trusty-artful for git (LP: #1719740) 16:32 <ubottu> Launchpad bug 1719740 in git (Ubuntu Artful) "[CVE] Git cvsserver OS Command Injection" [High,Fix released] https://launchpad.net/bugs/1719740 16:32 <tyhicks> Thank you for your assistance in keeping Ubuntu users secure! :) 16:32 <tyhicks> [TOPIC] Weekly stand-up report 16:32 <tyhicks> mdeslaur: you're up 16:32 <mdeslaur> I'm in the happy place this week 16:33 <mdeslaur> I'm currently publishing wpa updates 16:33 <mdeslaur> and I have some xorg updates to test and publish after that 16:33 <mdeslaur> I'll be picking something off the list after 16:33 <mdeslaur> that's about it 16:33 <mdeslaur> sbeattie: you're up 16:34 <sbeattie> I'm in the happy place this week 16:34 <bittin> i am helping with some Ubuntu ISO testing :p 16:34 <sbeattie> I'm working on a perl update, and have another update to finish testing 16:35 <sbeattie> I need to look at some apparmor tasks 16:35 <sbeattie> and I'll pick up another update off the list. 16:35 <sbeattie> that's it for me. tyhicks? 16:36 <tyhicks> I'll be doing SRU verifications this week for libseccomp and seccomp kernel changes 16:36 <tyhicks> oh, I'm on community this week 16:36 <tyhicks> I'm in the process of going back through the ecryptfs kernel queue and getting certain fixes headed to 4.14 and others to 4.15 16:37 <tyhicks> I'll have a bit more work to do upstream for libseccomp and libseccomp-golang this week once a couple PR reviews are completed but the hard work is already done there 16:37 <tyhicks> finally, I need to get back on top of my email inbox after falling behind while traveling lately 16:38 <tyhicks> I suspect that there will be some items that fall out of that 16:38 <tyhicks> jjohansen: you're up 16:38 <jjohansen> I am ignoring everyone this week until I can the unix socket RFC out 16:39 <tyhicks> good idea 16:39 <tyhicks> feel free to leave it at that :) 16:39 <jjohansen> after which I have a back log of bugs to investigate, and possibly 2.9, and 2.10 point releases 16:40 <jjohansen> sarnold: you're up 16:41 <sarnold> I'm on cve triage this week, but I think ratliff is going to help out in the mornings :) otherwise it'll be running down the MIRs.. spice-vdagent is in progress atm 16:41 <sarnold> also reviewing whatever it is john prepares for aa upstreaming 16:42 <sarnold> and maybe this is the week I finally bid farewell to my beloved pentadactyl and waste an entire day trying webbrowsers :( 16:42 <sarnold> that's it for me, chrisccoulson? 16:42 <chrisccoulson> I need to update rust to 1.20 everywhere 16:43 <chrisccoulson> I'll also need to sync up with will at some point to discuss the startpage in firefox 16:44 <chrisccoulson> Fingers crossed, after that I'll be able to focus on the stuff I discussed with tyhicks at the sprint 16:44 <chrisccoulson> That's me done 16:44 <ratliff> I'm on bug triage this week. 16:44 <tyhicks> I hope you'll be able to get to that 16:44 <mdeslaur> chrisccoulson: oh! can we vote what it should be? I vote for beesbeesbees.com 16:44 <chrisccoulson> mdeslaur, haha :) 16:45 <ratliff> sarnold covered for me on CVE triage last week while I was sprinting, so I am going to return the favor this week :) 16:45 <ratliff> I have a number of tasks resulting from last's weeks sprint to focus on for this week. 16:45 <ratliff> on to you, leosilva 16:45 <leosilva> I'm in the happy place this week. 16:46 <leosilva> I'll do the usual pkg hunting 16:46 <leosilva> also have some reads and investigations to do in snap packaging. 16:47 <leosilva> also have some readings in sssd (it's hard to test it :() 16:47 <leosilva> that is from me, 16:47 <leosilva> tyhicks: it's back to you! 16:47 <tyhicks> thanks 16:47 <tyhicks> [TOPIC] Highlighted packages 16:47 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:48 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:48 <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/connman.html 16:48 <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/libbluray.html 16:48 <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/efl.html 16:48 <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/tomboy.html 16:48 <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/qpid-proton.html 16:48 <tyhicks> [TOPIC] Miscellaneous and Questions 16:48 <tsimonq2> tyhicks: :D 16:48 <tyhicks> Does anyone have any other questions or items to discuss? 16:48 <tsimonq2> Also, hi everyone :) 16:49 <tyhicks> I'll just repeat what was mentioned earlier regarding the wpa updates 16:49 <tyhicks> mdeslaur released updates about an hour ago 16:49 <tyhicks> see https://usn.ubuntu.com/usn/usn-3455-1/ for details 16:49 <tyhicks> mdeslaur: thanks for handling those updates 16:49 <mdeslaur> np 16:49 <tyhicks> hi tsimonq2 16:49 <tyhicks> :) 16:50 <tyhicks> mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson, ratliff, leosilva: Thanks! 16:50 <tyhicks> #endmeeting