16:32 <ratliff> #startmeeting
16:32 <meetingology> Meeting started Mon May  7 16:32:49 2018 UTC.  The chair is ratliff. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:32 <meetingology> 
16:32 <meetingology> Available commands: action commands idea info link nick
16:32 <ratliff> The meeting agenda can be found at:
16:33 <ratliff> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:33 <ratliff> [TOPIC] Announcements
16:33 <ratliff> Thanks to Nicholas Guriev for providing a debdiff for phpliteadmin in bionic (LP: #1767723)!
16:33 <ubottu> Launchpad bug 1767723 in phpliteadmin (Ubuntu) "CVE-2018-10362: Authentication bypass" [Undecided,Fix released] https://launchpad.net/bugs/1767723
16:33 <ratliff> Thanks to Scott Kitterman (ScottK) for providing a debdiff for quassel in trusty (LP: #1767539)!
16:33 <ubottu> Launchpad bug 1767539 in quassel (Ubuntu Bionic) "Security fixes from 0.12.5 require backfit to earlier releases" [High,Confirmed] https://launchpad.net/bugs/1767539
16:33 <ratliff> Your work is very much appreciated and will keep Ubuntu users secure. Thank you!
16:33 <ratliff> [TOPIC] Weekly stand-up report
16:34 <ratliff> jdstrand: you're up
16:34 <jdstrand> hi
16:34 <jdstrand> this week I plan to:
16:34 <jdstrand> * email catch up from last week
16:35 <jdstrand> * finish part ii of phase 1 of the snap usns work
16:35 <jdstrand> * perform many PR reviews snapd
16:35 <jdstrand> * investigate issues with resquashfs enforcement
16:35 <jdstrand> this is also a short week (off friday) and I'm off next monday
16:35 <jdstrand> that's it from me
16:36 <jdstrand> mdeslaur: you're up
16:36 <mdeslaur> I'm on triage this week
16:36 <mdeslaur> I'm currently publishing qpdf and cups-filters updates
16:36 <mdeslaur> and there's a new webkit2gtk update to prepare
16:36 <mdeslaur> and I'll be going down the list after that
16:37 <mdeslaur> that's it from me
16:37 <mdeslaur> sbeattie: you're up
16:37 <sbeattie> I'm in the happy place this week
16:37 <sbeattie> I've got an embargoed issue on my plate
16:38 <sbeattie> I need to finish updating our tools in prep for cosmic
16:38 <sbeattie> I've got a couple of other updates on my plate (openjdk-8, gcc-4.6 backport)
16:39 <sbeattie> I'm also trying to catch up on apparmor merges and land a few of my own.
16:39 <sbeattie> that's likely my week. jjohansen, over to you
16:39 <jjohansen> this week I need to finish up with the major items for the 4.18 pull request
16:39 <jjohansen> • I still have some revision on the unix domain socket mediation
16:39 <jjohansen> • followup on mjg's audit rules patch
16:39 <jjohansen> • more of the dfa cleanup, to allow us to lift permission conversion to unpack time
16:39 <jjohansen> • the scope and view work (though that will probably get bumped to the next release)
16:39 <jjohansen> I still have some bugs in the 2.13 release to chase down
16:40 <jjohansen> and I really need to continue on with the 3.0 policy versioning work, so we can get a release out before 4.18 lands
16:40 <jjohansen> thats more than I will be able to do so, sarnold you are up
16:41 <sarnold> I'm on community this week
16:41 <sarnold> I'm still sorting out missing pieces of my desktop as a background activity
16:41 <sarnold> and moving down the MIRs -- currently gce-compute-image-packages is in progress, moving on to fprintd next
16:41 <sarnold> and apparmor patch reviews as needed
16:41 <sarnold> that's it for me, chrisccoulson?
16:44 <ratliff> I'll go ahead while we wait for chrisccoulson
16:44 <ratliff> I'm in the happy place this week.
16:45 <ratliff> I am catching up from sprinting last week and working out outcomes from last week's sprint.
16:45 <ratliff> Thus, I have some internal work to do. I also have some embargoed work.
16:46 <ratliff> leosilva: I'm going to hand over to you now.
16:46 <leosilva> I'm bug triage this week
16:46 <leosilva> I have a libraw update to work
16:47 <leosilva> Also I'm planning spend same time in php5 issue core dump - bad news the guy has not how to reproduce, now it's blind debug
16:47 <leosilva> that is all.
16:47 <leosilva> ratliff: back to you
16:47 <ratliff> thanks, leosilva!
16:47 <ratliff> chrisccoulson: last call
16:48 <ratliff> [TOPIC] Highlighted packages
16:48 <ratliff> The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so.
16:49 <ratliff> See http://people.canonical.com/~ubuntu-security/d2u/ for available merges and https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details on preparing Ubuntu security updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:49 <ratliff> [TOPIC] Miscellaneous and Questions
16:49 <ratliff> Does anyone have any other questions or items to discuss?
16:49 <sarnold> last call, eh? ... I guess I'm in for another old rasputin..
16:50 <ratliff> hehehe
16:51 <ratliff> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, leosilva: Thanks!
16:51 <sarnold> thanks ratliff!
16:51 <leosilva> tks ratliff!
16:51 <ratliff> #endmeeting