#ubuntu-meeting log

16:42 <tyhicks> #startmeeting
16:42 <meetingology> Meeting started Mon Dec  4 16:42:35 2017 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:42 <meetingology> 
16:42 <meetingology> Available commands: action commands idea info link nick
16:42 <mdeslaur> \o
16:42 <tyhicks> The meeting agenda can be found at:
16:42 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:42 <tyhicks> [TOPIC] Weekly stand-up report
16:42 <tyhicks> jdstrand: you're up
16:44 <jdstrand> hey
16:44 <jdstrand> This week I'm primarily focusing on things for 2.30:
16:44 <jdstrand> * finish review-tools resquashfs tests
16:44 <jdstrand> * investigate/implement proper fix for hotplugged devices not being added to device cgroup (mir input forum issue)
16:45 <jdstrand> * policy updates PR for 2.30
16:45 <jdstrand> * pickup the ssh/gpg interfaces PR
16:45 <jdstrand> * snapd 2.30 PR reviews
16:45 <jdstrand> * investigate biometrics observe interface
16:45 <jdstrand> * implement screen-lock interface
16:45 <jdstrand> * non-2.30 PR reviews as have time (eg, layouts, xdg-settings)
16:45 <jdstrand> that's it from me
16:45 <jdstrand> mdeslaur: you're up
16:45 <mdeslaur> I'm in the happy place this week
16:45 <mdeslaur> I just published an evince update
16:45 <mdeslaur> and I have a couple more to test
16:45 <mdeslaur> I also want to work on ubuntu-support-status this week
16:45 <mdeslaur> and I'm off on friday
16:45 <mdeslaur> that's it for me, sbeattie?
16:46 <sbeattie> I'm in the happy place
16:46 <sbeattie> I'm still researching cve triage process for snaps
16:46 <sbeattie> I have some upstream apparmor tasks I need to get to
16:47 <sbeattie> I am also monitoring kernel cves/respins
16:47 <sbeattie> and I have a couple of other random issues on my plate
16:47 <sbeattie> that's it for me; tyhicks, over to you.
16:47 <tyhicks> * weekly role: happy place
16:47 <tyhicks> * embargoed issues
16:47 <tyhicks> * squashfs reproduceability
16:47 <tyhicks> * nudge a number of things along:
16:47 <tyhicks> * snapd seccomp logging PR
16:48 <tyhicks> * libseccomp Xenial SRU
16:48 <tyhicks> * audit SRUs
16:48 <tyhicks> * libseccomp-golang upstream PR
16:48 <tyhicks> jjohansen: you're up
16:48 <jjohansen> I am working on making apparmor mount mediation work with the mount code rework
16:49 <jjohansen> I will also being doing a 4.14 kernel for the kernel team
16:49 <jjohansen> and maybe I can get some work done on updating the backport kernels
16:50 <jjohansen> and I suppose there are several bugs to look at but I don't have any bug numbers of particular ones
16:50 <jjohansen> sarnold: you are up
16:51 <sarnold> I'm on bug triage this week
16:51 <sarnold> and doing some embargoed work
16:51 <sarnold> with libteam MIR after that, if there's time
16:52 <sarnold> that's it for me, chrisccoulson?
16:52 <chrisccoulson> I need to finish up rust 1.22 updates this week. There are currently 3 separate failures I need to investigate, and one of these looks like it might be the "rust builds fail randomly in launchpad" issue I had last time
16:53 <chrisccoulson> which I worked around by continually hitting retry until it built
16:53 <chrisccoulson> I've got an embargoed update to prepare
16:54 <chrisccoulson> I should be able to look at this apparmor / audit work this week
16:54 <chrisccoulson> that's me done
16:54 <ratliff> I'm on community this week
16:54 <ratliff> Other than that I am still working on two internal assignments and an embargoed issue.
16:54 <ratliff> on to you, leosilva
16:54 <leosilva> I'm on CVE-triage this week.
16:55 <leosilva> I just published curl for precise
16:55 <leosilva> I'll do my normal hunting too and some research.
16:55 <leosilva> that's it for me. tyhicks it's back to you!
16:56 <tyhicks> [TOPIC] Highlighted packages
16:56 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
16:56 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:56 <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/sun-javadb.html
16:56 <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/yaml-cpp.html
16:56 <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/most.html
16:56 <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/git-hub.html
16:56 <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/libuser.html
16:56 <tyhicks> [TOPIC] Miscellaneous and Questions
16:56 <tyhicks> Does anyone have any other questions or items to discuss?
16:57 <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson, ratliff, leosilva: Thanks!
16:57 <tyhicks> #endmeeting