16:36 <tyhicks> #startmeeting 16:36 <meetingology> Meeting started Mon Feb 12 16:36:59 2018 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:36 <meetingology> 16:36 <meetingology> Available commands: action commands idea info link nick 16:37 <tyhicks> The meeting agenda can be found at: 16:37 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:37 <tyhicks> [TOPIC] Announcements 16:37 <tyhicks> Jeremy Bicha (jbicha) provided a debdiff for xenial for brotli (LP: #1737364) 16:37 <ubottu> Launchpad bug 1737364 in brotli (Ubuntu Xenial) "16.04: Fix CVE-2016-1968 and CVE-2016-1624 for brotli" [Undecided,Fix released] https://launchpad.net/bugs/1737364 16:37 <tyhicks> Thank you for your assistance in keeping Ubuntu users secure! :) 16:37 <tyhicks> [TOPIC] Weekly stand-up report 16:37 <tyhicks> jdstrand: you're up 16:37 <jdstrand> hi 16:37 <jdstrand> Last week I ended up sending more time on the store items and review tools updates than I plenned, so this week I plan to: 16:37 <jdstrand> - continue snapd PR reviews (layouts is close to done, portals, steam-support when get feedback on what I gave last week, etc) 16:38 <jdstrand> - LSM stacking demo 16:38 <jdstrand> that's it from me. mdeslaur, you're up 16:38 <jdstrand> - lxd snap regression wrt confinement 16:38 <jdstrand> - create screencast interface 16:38 <jdstrand> - strict mode snaps on live cd 16:38 <mdeslaur> jdstrand: hey 16:38 <mdeslaur> jdstrand: I'm in the happy place this week 16:38 <mdeslaur> I'm currently publishing some USNs, and will work on some more security updates after that 16:38 <mdeslaur> that's pretty much it, sbeattie, you're up 16:39 <sbeattie> I'm on community this week 16:40 <sbeattie> I'm working on investigating enabling retpoline by default for bionic and all that entails 16:40 <sbeattie> I also need to finish my precise backport for retpoline 16:41 <sbeattie> I'll have some usual kernel cve triage to handle. 16:41 <sbeattie> The above will surely consume my week. tyhicks, over to you. 16:42 <tyhicks> sbeattie: do you plan to release the existing retpoline gcc updates in {artful,xenial}-proposed to -security early this week? (before the kernels go out) 16:43 <tyhicks> I ended up spending quite a bit of time on the new, in-development USN website last week 16:44 <sbeattie> tyhicks: good question, I'd not thought very hard about it, but that would make sense. 16:44 <tyhicks> sbeattie: please sync up w/ the kernel team to see how their testing is going, when they're planning on releasing, and then we can figure out when to push those updates out 16:45 <sbeattie> tyhicks: will do 16:45 <sarnold> .. probably folks with dkms systems would like those compilers pushed at the same time as the kernels? 16:45 <tyhicks> this week, I'll be fixing up any issues that are discovered while the team publishes USNs to the existing and new USN websites 16:45 <tyhicks> I need to focus on the LSM stacking demo that keeps getting pushed back 16:45 <tyhicks> I have an embargoed issues 16:45 <tyhicks> s/issues/issue/ 16:46 <tyhicks> and there are some internal tasks that I'll be working on 16:46 <tyhicks> jjohansen: you're up 16:46 <jjohansen> I am going to be looking into a few reported bugs this week 16:47 <jjohansen> specifically the target domain name bug, for snappy (sorry browser crashed and lost all its tabs) 16:47 <jjohansen> and the stacking bug with px transitions that cjwatson hit 16:48 <jjohansen> I will also be working on a revised LSM stacking kernel 16:49 <jjohansen> and chasing down the bug with it where ssh doesn't work under selinux due to something in procattr 16:49 <jjohansen> I also have some prep work to do before tomorrow's apparmor meeting 16:49 <jjohansen> I think that is it for me sarnold you are up 16:50 <sarnold> I'm on cve triage this week; I'm working on the openjpeg2 mir, and want to file a few bug reports with the project that'll take a bit of extra time. 16:50 <sarnold> I'll also do some apparmor patch review if jj needs it; and then move on down the MIRs 16:51 <sarnold> I think that's is for me, chrisccoulson? 16:51 <chrisccoulson> I've got a firefox publication to finish up 16:51 <chrisccoulson> I also need to publish ubuntu-drivers-common - it's ready to go, but I don't know whether to just push it or wait for the updated kernels 16:52 <chrisccoulson> other than that, I've got no other planned updates (no rust updates either!), so I'll get to spend time looking at this audit thing 16:52 <chrisccoulson> of course, I can help out with other updates as well if anyone needs me too 16:52 <chrisccoulson> that's me done 16:54 <tyhicks> lionel: you're up 16:54 <tyhicks> sorry 16:54 <tyhicks> leosilva: you're up 16:54 <leosilva> hehe, I'm the happy place this week. And will have short week. 16:55 <leosilva> I'm working on wavpack and hunting for new pkgs to update. 16:55 <leosilva> that's it for me. 16:55 <leosilva> tyhicks: is back to you 16:55 <tyhicks> thanks 16:55 <tyhicks> [TOPIC] Highlighted packages 16:55 <tyhicks> [TOPIC] Highlighted packages 16:55 <tyhicks> The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. See http://people.canonical.com/~ubuntu-security/d2u/ for available merges and https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details on preparing Ubuntu security 16:55 <tyhicks> updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:55 <tyhicks> [TOPIC] Miscellaneous and Questions 16:55 <tyhicks> Does anyone have any other questions or items to discuss? 16:58 <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson, leosilva: Thanks! 16:58 <tyhicks> #endmeeting