#ubuntu-meeting log

16:31 <ratliff> #startmeeting
16:31 <meetingology> Meeting started Mon Mar 26 16:31:46 2018 UTC.  The chair is ratliff. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:31 <meetingology> 
16:31 <meetingology> Available commands: action commands idea info link nick
16:32 <ratliff> The meeting agenda can be found at:
16:32 <ratliff> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:32 <ratliff> [TOPIC] Announcements
16:32 <ratliff> Thanks to Simon Quigley (tsimonq2) for providing an update in xenial for atril (LP: #1735418) and  updates in xenial and artful for plasma-workspace (LP: #1748247)
16:32 <ubottu> Launchpad bug 1735418 in atril (Ubuntu Bionic) "[CVE] Command injection with cbt files" [Medium,Fix released] https://launchpad.net/bugs/1735418
16:33 <ubottu> Launchpad bug 1748247 in plasma-workspace (Ubuntu Bionic) "[CVE] Arbitrary command execution in the removable device notifier" [High,Fix released] https://launchpad.net/bugs/1748247
16:33 <ratliff> Your work is very much appreciated and will keep Ubuntu users secure.
16:33 <ratliff> The Ubuntu Security Team is hiring! See the job posting at
16:33 <ratliff> [LINK] https://boards.greenhouse.io/canonical/jobs/1084137#.WqvsZ6jwaUk
16:33 <ratliff> [TOPIC] Weekly stand-up report
16:33 <ratliff> jdstrand: you're up
16:34 <jdstrand> hi!
16:34 <jdstrand> FYI, the portions of layouts and portals that are for me are now done (there might be some additional PRs here and there, but I think we can now mark the cards as DONE, which I'm in the process of doing). This week I plan to work on:
16:34 <jdstrand> - there are a few emergency PRs for 18.04 related to systemd and glvnd breakage
16:34 <jdstrand> - steam-support interface
16:34 <jdstrand> - lxd partial confinement not working bug
16:34 <jdstrand> - org.gnome.Shell.Screencast interface
16:34 <jdstrand> - work done the backlog lane as have time
16:34 <jdstrand> down*
16:35 <jdstrand> I figure after this week I'm going to pivot to snaps and usns
16:35 <jdstrand> that's it from me
16:35 * mdeslaur takes the mike
16:35 <jdstrand> heh, yes. you're up :)
16:35 <mdeslaur> is this thing on?
16:35 <mdeslaur> I'm in the happy place this week
16:36 <mdeslaur> I just published some more tiff updates
16:36 <mdeslaur> and I think I've tracked down the regression in unixodbc
16:36 <mdeslaur> I need to test some wayland updates somehow
16:36 <mdeslaur> and I'll pick something else off the list
16:36 <tsimonq2> ratliff: hey thanks :)
16:36 <mdeslaur> that's about it, sbeattie?
16:36 <ratliff> sbeattie is on vacation this week
16:37 <ratliff> tsimonq2: nice to see you and we thank you! :)
16:37 <mdeslaur> ah! who's next
16:37 <ratliff> sarnold: you are up
16:37 <sarnold> hey tsimonq2 :)
16:37 <sarnold> I'm on bug triage this week
16:37 <sarnold> I'm working on the volume-key mir, moving down the list..
16:38 <sarnold> hrm, I can't recall which one is next on the list
16:38 <ratliff> python-nacl
16:38 <sarnold> aha! thanks
16:38 <sarnold> and I saw john check in some apparmor patches, maybe review new patches if he's got them
16:39 <sarnold> and it's a short week, I'm off friday
16:39 <sarnold> that's it for me, chrisccoulson?
16:39 <chrisccoulson> I've got a thunderbird update to do, and also yet another firefox update
16:40 <chrisccoulson> I'll need to spend a small amount of time on 1 embargoed issue
16:40 <chrisccoulson> And I've got 1 internal thing to work on
16:41 <chrisccoulson> Hopefully I'll get back to working on this apparmor audit work after that
16:41 <chrisccoulson> It's a short week for me (I'm off Friday as well)
16:41 <chrisccoulson> That's me done
16:41 <ratliff> I'm on community this week.
16:42 <ratliff> I will mostly focus on internal tasks (including ideally talking to candidates for the Tech Lead job).
16:42 <ratliff> leosilva: on to you
16:42 <leosilva> I'm on cve-triage this week
16:42 <leosilva> I have a zsh to update - zsh that cool bash tool.
16:43 <leosilva> and I'll keep hunting pkgs to update
16:43 <leosilva> that is all, ratliff it's back to you
16:43 <ratliff> [TOPIC] Highlighted packages
16:43 <ratliff> The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. See http://people.canonical.com/~ubuntu-security/d2u/ for available merges and https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details on preparing Ubuntu security updates. If you have any questions, feel
16:43 <ratliff> free to ask in #ubuntu-hardened. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:43 <ratliff> [TOPIC] Miscellaneous and Questions
16:44 <ratliff> Does anyone have any other questions or items to discuss?
16:46 <ratliff> jdstrand, mdeslaur, sarnold, chrisccoulson, leosilva: Thanks!
16:46 <mdeslaur> thanks ratliff!
16:46 <ratliff> #endmeeting