16:36 <tyhicks> #startmeeting
16:36 <meetingology> Meeting started Mon Feb 12 16:36:59 2018 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:36 <meetingology> 
16:36 <meetingology> Available commands: action commands idea info link nick
16:37 <tyhicks> The meeting agenda can be found at:
16:37 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:37 <tyhicks> [TOPIC] Announcements
16:37 <tyhicks> Jeremy Bicha (jbicha) provided a debdiff for xenial for brotli (LP: #1737364)
16:37 <ubottu> Launchpad bug 1737364 in brotli (Ubuntu Xenial) "16.04: Fix CVE-2016-1968 and CVE-2016-1624 for brotli" [Undecided,Fix released] https://launchpad.net/bugs/1737364
16:37 <tyhicks> Thank you for your assistance in keeping Ubuntu users secure! :)
16:37 <tyhicks> [TOPIC] Weekly stand-up report
16:37 <tyhicks> jdstrand: you're up
16:37 <jdstrand> hi
16:37 <jdstrand> Last week I ended up sending more time on the store items and review tools updates than I plenned, so this week I plan to:
16:37 <jdstrand> - continue snapd PR reviews (layouts is close to done, portals, steam-support when get feedback on what I gave last week, etc)
16:38 <jdstrand> - LSM stacking demo
16:38 <jdstrand> that's it from me. mdeslaur, you're up
16:38 <jdstrand> - lxd snap regression wrt confinement
16:38 <jdstrand> - create screencast interface
16:38 <jdstrand> - strict mode snaps on live cd
16:38 <mdeslaur> jdstrand: hey
16:38 <mdeslaur> jdstrand: I'm in the happy place this week
16:38 <mdeslaur> I'm currently publishing some USNs, and will work on some more security updates after that
16:38 <mdeslaur> that's pretty much it, sbeattie, you're up
16:39 <sbeattie> I'm on community this week
16:40 <sbeattie> I'm working on investigating enabling retpoline by default for bionic and all that entails
16:40 <sbeattie> I also need to finish my precise backport for retpoline
16:41 <sbeattie> I'll have some usual kernel cve triage to handle.
16:41 <sbeattie> The above will surely consume my week. tyhicks, over to you.
16:42 <tyhicks> sbeattie: do you plan to release the existing retpoline gcc updates in {artful,xenial}-proposed to -security early this week? (before the kernels go out)
16:43 <tyhicks> I ended up spending quite a bit of time on the new, in-development USN website last week
16:44 <sbeattie> tyhicks: good question, I'd not thought very hard about it, but that would make sense.
16:44 <tyhicks> sbeattie: please sync up w/ the kernel team to see how their testing is going, when they're planning on releasing, and then we can figure out when to push those updates out
16:45 <sbeattie> tyhicks: will do
16:45 <sarnold> .. probably folks with dkms systems would like those compilers pushed at the same time as the kernels?
16:45 <tyhicks> this week, I'll be fixing up any issues that are discovered while the team publishes USNs to the existing and new USN websites
16:45 <tyhicks> I need to focus on the LSM stacking demo that keeps getting pushed back
16:45 <tyhicks> I have an embargoed issues
16:45 <tyhicks> s/issues/issue/
16:46 <tyhicks> and there are some internal tasks that I'll be working on
16:46 <tyhicks> jjohansen: you're up
16:46 <jjohansen> I am going to be looking into a few reported bugs this week
16:47 <jjohansen> specifically the target domain name bug, for snappy (sorry browser crashed and lost all its tabs)
16:47 <jjohansen> and the stacking bug with px transitions that cjwatson hit
16:48 <jjohansen> I will also be working on a revised LSM stacking kernel
16:49 <jjohansen> and chasing down the bug with it where ssh doesn't work under selinux due to something in procattr
16:49 <jjohansen> I also have some prep work to do before tomorrow's apparmor meeting
16:49 <jjohansen> I think that is it for me sarnold you are up
16:50 <sarnold> I'm on cve triage this week; I'm working on the openjpeg2 mir, and want to file a few bug reports with the project that'll take a bit of extra time.
16:50 <sarnold> I'll also do some apparmor patch review if jj needs it; and then move on down the MIRs
16:51 <sarnold> I think that's is for me, chrisccoulson?
16:51 <chrisccoulson> I've got a firefox publication to finish up
16:51 <chrisccoulson> I also need to publish ubuntu-drivers-common - it's ready to go, but I don't know whether to just push it or wait for the updated kernels
16:52 <chrisccoulson> other than that, I've got no other planned updates (no rust updates either!), so I'll get to spend time looking at this audit thing
16:52 <chrisccoulson> of course, I can help out with other updates as well if anyone needs me too
16:52 <chrisccoulson> that's me done
16:54 <tyhicks> lionel: you're up
16:54 <tyhicks> sorry
16:54 <tyhicks> leosilva: you're up
16:54 <leosilva> hehe, I'm the happy place this week. And will have short week.
16:55 <leosilva> I'm working on wavpack and hunting for new pkgs to update.
16:55 <leosilva> that's it for me.
16:55 <leosilva> tyhicks: is back to you
16:55 <tyhicks> thanks
16:55 <tyhicks> [TOPIC] Highlighted packages
16:55 <tyhicks> [TOPIC] Highlighted packages
16:55 <tyhicks> The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. See http://people.canonical.com/~ubuntu-security/d2u/ for available merges and https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details on preparing Ubuntu security
16:55 <tyhicks> updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:55 <tyhicks> [TOPIC] Miscellaneous and Questions
16:55 <tyhicks> Does anyone have any other questions or items to discuss?
16:58 <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson, leosilva: Thanks!
16:58 <tyhicks> #endmeeting