16:32 <ratliff> #startmeeting 16:32 <meetingology> Meeting started Mon Nov 20 16:32:19 2017 UTC. The chair is ratliff. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:32 <meetingology> 16:32 <meetingology> Available commands: action commands idea info link nick 16:32 <ratliff> The meeting agenda can be found at: 16:32 <ratliff> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:32 <mdeslaur> \o 16:32 <ratliff> [TOPIC] Announcements 16:32 <ratliff> Today is Ubuntu Community Appreciation Day! 16:33 <ratliff> Many thanks to our Ubuntu security community members for your assistance in keeping Ubuntu users secure! :) 16:33 <leosilva> \o/ 16:33 <ratliff> More info at 16:33 <ratliff> [LINK] https://community.ubuntu.com/t/ubuntu-community-appreciation-day-nov-20th/1762 16:33 <ratliff> [TOPIC] Weekly stand-up report 16:33 <ratliff> jdstrand: you're up 16:34 <jdstrand> This is a short week for me and I'll only be working Mon and Tue. I'll continue to focus on: 16:34 <jdstrand> * followups on urgent issues that came up last week as needed 16:34 <jdstrand> * snappy PRs 16:34 <jdstrand> * pickup the ssh/gpg interfaces PR 16:34 <jdstrand> * investigate/implement proper fix for hotplugged devices not being added to device cgroup (mir input forum issue) 16:34 <jdstrand> mdeslaur: you're up 16:34 <mdeslaur> I'm in the happy place this week 16:34 <mdeslaur> I'm currently testing an embargoed issue 16:34 <mdeslaur> and I have imagemagick to look at 16:34 <mdeslaur> and another update to test 16:34 <mdeslaur> that's it for me, sbeattie ? 16:34 <sbeattie> I'm on community this week. 16:35 <sbeattie> I also have a short week, will be here through wednesday 16:35 <sbeattie> I have an apport regression update to publish for ty hicks, and will likely have kernel updates to publish today/tomorrow 16:36 <sbeattie> I'm working on the process for security triage for snaps 16:36 <sbeattie> And I have some upstream apparmor work to do 16:36 <sbeattie> that's it for me.... 16:37 <ratliff> jjohansen is next. I'm not sure if he is around, so we will give him a minute to chime in if he is 16:37 <sbeattie> no ty hicks, I don't see sarnold or jjohansen, chrisccoulson, I think you're up? 16:38 <chrisccoulson> I've got a chromium update to test, and I'm also expecting thunderbird 16:38 <chrisccoulson> I've got a regression to fix in Firefox (we dropped the "Ubuntu" token from the user agent string, oddly due to a change in the build system) 16:40 <chrisccoulson> I added a workaround to our rust package for 1.21 to get it to build, and there's a bug for that opened upstream by other distros (for around 1 month now) with no progress 16:41 <chrisccoulson> I thought I understood the issue but it turns out I don't, so I might spend a little bit of time trying to actually understand what's going on and then add my notes to the upstream bug 16:41 <chrisccoulson> but I don't want to spend a lot of time on that 16:41 <chrisccoulson> Fingers crossed I'll finally have time to do something unrelated to rust or firefox packaging this week 16:42 <chrisccoulson> I think that's me done 16:42 <chrisccoulson> Am I the only one who doesn't have a short week? 16:42 <ratliff> sarnold: go ahead 16:42 <mdeslaur> I don't have a short week 16:42 <mdeslaur> my week is painfully long 16:42 <leosilva> me neither. 16:42 <chrisccoulson> heh 16:42 <sarnold> I'm in the happy place this week, also working only MTW, doing embargoed work, apparmor patch reviews 16:43 <sarnold> that's it for me, ratliff? 16:43 <ratliff> I'm on CVE triage this week. I'll test out the new process. 16:43 <ratliff> I have a short week. :P 16:44 <ratliff> I also have more internal work to try to finish up. 16:44 <ratliff> leosilva: on to you 16:44 <leosilva> I'm the happy place this week. 16:44 <leosilva> I have some db updates to test (it's taking more time than what I want - selftests) 16:45 <leosilva> I also get python2.7 to update and will take a look in python3.* updates too. 16:45 <leosilva> that' all for me, 16:45 <leosilva> ratliff: you are back 16:45 <ratliff> thanks! 16:45 <ratliff> [TOPIC] Highlighted packages 16:45 <ratliff> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:45 <ratliff> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:46 <ratliff> https://people.canonical.com/~ubuntu-security/cve/pkg/mcabber.html 16:46 <ratliff> https://people.canonical.com/~ubuntu-security/cve/pkg/derby.html 16:46 <ratliff> https://people.canonical.com/~ubuntu-security/cve/pkg/yubiserver.html 16:46 <ratliff> https://people.canonical.com/~ubuntu-security/cve/pkg/jabberd2.html 16:46 <ratliff> https://people.canonical.com/~ubuntu-security/cve/pkg/r-cran-stringi.html 16:46 <ratliff> [TOPIC] Miscellaneous and Questions 16:46 <ratliff> Does anyone have any other questions or items to discuss? 16:49 <ratliff> jdstrand, mdeslaur, sbeattie, sarnold, chrisccoulson, leosilva: Thanks! 16:49 <sarnold> thanks ratliff! 16:49 <jdstrand> thanks ratliff :) 16:49 <ratliff> #endmeeting