16:01 #startmeeting 16:01 Meeting started Thu Jan 25 16:01:00 2018 UTC. The chair is slangasek. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:01 16:01 Available commands: action commands idea info link nick 16:01 [TOPIC] Lightning round 16:01 $ echo $(shuf -e slangasek bdmurray xnox tdaitx doko sil2100 rbalint infinity cyphermox mwhudson rcj philroche Odd_Bloke tribaal fginther juliank) 16:01 doko slangasek cyphermox mwhudson bdmurray rcj Odd_Bloke fginther philroche xnox sil2100 juliank rbalint tribaal infinity tdaitx 16:01 and doko is out today 16:01 * Odd_Bloke is running late from a previous meeting, if he could be deferred to the end of the round. 16:01 so I win! 16:01 Odd_Bloke: ack 16:01 o/ 16:02 * at product sprint in cape town last week, and off M-W this week, so little to report 16:02 * continuing engagement around Spectre+Meltdown 16:02 cyphermox: 16:02 (done) 16:02 I'm not done yet 16:02 Oh, looks like slangasek said that cyphermox is done 16:02 ;) 16:02 MIR: 16:02 - review rdma-core 16:02 bionic: 16:02 - discuss further netcfg fixes for hostname preseeding with slashd 16:03 netplan: 16:03 y 16:03 argh 16:03 - fixup for Ryan's port-priority update 16:03 - migrate netplan to github 16:03 - release 0.33 (highlight) 16:03 - setup per-commit CI 16:03 shim-review: 16:03 - review Blancco shim 16:03 - review IGEL's shim 16:03 xenial: 16:03 - grub2 net NIC selection fix 16:03 other stuff: 16:03 - code-review for rcj's initramfs-compression fix for ubuntu-cpc 16:03 - discuss netplan and juju interaction for /e/n/i fix 16:03 (done) (done) 16:03 hmm, looks like I need to fix my xslt for that highlight 16:04 cyphermox, sil2100: speculative execution via IRC? because I entered those lines in the correct order ;) 16:04 bdmurray: 16:04 bdmurray is off 16:04 rcj: 16:04 ;) 16:05 - Publication of new cloud release images in response to Spectre-related kernel 16:05 updates 16:05 - cloud-image build system engineering 16:05 (done) 16:05 * CVE-2017-5754 related image publication 16:05 - Monitoring and performing some manual operations to publish images 16:05 - Fixed an issue that was causing an image build failure 16:05 * Performed some End-of-Life updates for zesty 16:05 Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5754) 16:05 * Development work for automated image publication to a partner cloud 16:05 * Identified some firewall updates needed for external endpoint changes 16:06 (done) 16:06 * Cloud image build system maintenance 16:06 * Spectre CVE cloud image delivery 16:06 (done) 16:06 xnox is out 16:06 sil2100: 16:06 - Once again a lot of respin kernel SRUs 16:06 - Regular SRU reviews and releases 16:06 - Handling the release of xenial 16.04.4 language-pack updates 16:06 - Preparing the base bionic language packs for upload 16:06 - Fixing my broken kernel-sru bot instance 16:06 - Preparing and uploading grub2 for vt.handoff=1 switch (with testing) 16:06 * Also looking into what the vt.handoff kernel code actually does 16:06 - Checking some autopkgtest failures for some xenial python-defaults landings 16:06 - Working on some NBS: 16:06 * Sending patch for debian-cd to Debian 16:06 * Trying to remove NBS dep from activemq - package FTBFS 16:06 - 16.04.4 discussions 16:06 (done) 16:07 juliank: 16:07 * updated the distro a bit - 13 "new" merges & syncs (since last meeting): zsh, transmission (CVE-2018-5702), aptitude, brltty (bug 1741070), readline (sync), slang2, strace, gnutls28, kbd, wget, valgrind, dash, curl 16:07 * 3 other simple uploads: ppc64-diag (bug 1744707), lsvpd (bug 1741070), lshw (bug 1741070) - simple backlog growth prevention. 16:07 * finished the multipath-tools merge, thanks cpaelzer for reviewing and testing it 16:07 * would like to merge some harder stuff like rsyslog or pam 16:07 * need to fix some regressions from the merges :( 16:07 bug 1741070 in brltty (Ubuntu) "Please merge brltty (main) 5.5-4 from Debian unstable (main)" [Wishlist,Fix committed] https://launchpad.net/bugs/1741070 16:07 Transmission through 2.92 relies on X-Transmission-Session-Id (which is not a forbidden header for Fetch) for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a DNS rebinding attack. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5702) 16:07 bug 1744707 in The Ubuntu-power-systems project "ppc64-diag fixes for Ubuntu 18.04" [High,Fix released] https://launchpad.net/bugs/1744707 16:07 sil2100: kernel-sru bot? 16:07 slangasek: I have a bot that pokes me whenever there's a new kernel ready for review or release 16:07 (done) 16:07 * flash-kernel merge, waiting a test on actual hw in LP: #1690650 16:07 Launchpad bug 1690650 in flash-kernel (Ubuntu) "flash kernel reports unsupported platform on rpi 2 1.2" [Undecided,Confirmed] https://launchpad.net/bugs/1690650 16:07 * internal testbed setup 16:08 (done) 16:08 juliank: pam already has a merge in progress, please don't steal 16:08 slangasek: but it got busted, mainly because my instance ran out of disk space due to the kernels, but now I'm manually autoremoving those just in case ;) 16:08 slangasek: awesome 16:08 sil2100: if only we had some technology to autoremove unused kernels 16:09 * juliank wanted to ask about that later 16:09 ;) 16:09 tribaal: 16:09 slangasek: i'm on it, :-) 16:09 slangasek: there's a bug about automatic autoremoval in apt from sabdfl :) 16:10 no tribaal? 16:10 and no infinity 16:10 tdaitx: 16:10 * OpenJDK 8 security updates: 16:10 - armhf, arm64, and s390x demanding some love (hotspot security fixes) 16:10 * Ongoing backport to OpenJDK 7 16:10 * Testing OpenJDK 9.0.4 as default openjdk 16:10 - going albeit slow, need to free more space again 16:10 AOB: 16:10 - where should I go to debug s390x core files? is there a porter box somewhere? 16:10 - docker is a buffoon and leaves piles of btrfs subvolumes around 16:10 (done) 16:10 * Similar to Steve, at product sprint and off for most of this week 16:10 * Continued Meltdown/Spectre work 16:10 * Adding the lxd snap to our matrix of lxd testing 16:10 (done) 16:12 tdaitx: there's not a formal "porter box" setup for s390x but we can get you access 16:12 tdaitx: ping me after the meeting? 16:12 slangasek: sure, thanks! 16:12 any questions over status? 16:13 since bdmurray is off, I think we'll skip over bugs this week 16:14 [TOPIC] AOB 16:14 anything else? 16:14 I have a question 16:14 So debian-cd is holding up lynx-cur as an NBS, but I see that we never actually had an Ubuntu delata in debian-cd 16:14 the nbs report is blind to alternatives and such 16:14 I forwarded the patch to Debian, but should we wait for the next debian-cd release that will get synced? 16:15 is it possible this is not a real blocker for removal? 16:15 Depends: lynx-cur | lynx 16:15 Not sure, I thought alternatives still keep the binary around 16:15 so should be possible to remove 16:15 Oh, this I did not know! 16:15 the report could be improved 16:16 slangasek: ok, then I'll just remove the binary then, since that's the only leftover 16:16 phew 16:16 sil2100: sounds good :) 16:16 I thought I'd have to eb the bad guy to first introduce an ubuntu delta for debian-cd ;p 16:16 Thanks! 16:17 ok cool 16:17 anything else? 16:17 quick meeting 16:17 everyone can get back to the fire drills in progress 16:17 #endmeeting