16:30 <ratliff> #startmeeting
16:30 <meetingology> Meeting started Mon Jun 11 16:30:14 2018 UTC. The chair is ratliff. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:30 <meetingology>
16:30 <meetingology> Available commands: action commands idea info link nick
16:30 <ratliff> The meeting agenda can be found at:
16:30 <ratliff> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:30 <ratliff> [TOPIC] Announcements
16:30 <ratliff> Thanks to Corey Bryant (coreycb) for providing a debdiff for bionic for python-oslo.middleware (LP: #1628031).
16:30 <ubottu> Launchpad bug 1628031 in OpenStack Security Advisory "[OSSA-2017-001] CatchErrors leaks sensitive values in oslo.middleware (CVE-2017-2592)" [High,Fix released] https://launchpad.net/bugs/1628031
16:30 <ratliff> Thanks to Simon Deziel (sdezial) for providing debdiffs for artful and bionic for unbound (LP: #1773720).
16:30 <ubottu> Launchpad bug 1773720 in unbound (Ubuntu Bionic) "CVE-2017-15105" [Undecided,Fix released] https://launchpad.net/bugs/1773720
16:31 <ratliff> Your work is very much appreciated and will keep Ubuntu users secure. Thank you!
16:31 <ratliff> The Ubuntu Security team is hiring. See https://grnh.se/8c0a6c1f1 for more details.
16:31 <ratliff> [TOPIC] Weekly stand-up report
16:31 <ratliff> jdstrand: you're up
16:32 <jdstrand> hi!
16:32 <jdstrand> This is a short week for me (off friday and all next week). This week I plan to work on:
16:32 <jdstrand> * snapd PR reviews
16:32 <jdstrand> * go through the anbox design and think through what proper confinement might look like
16:32 <jdstrand> * iterate on last open PR (udev trigger)
16:32 <jdstrand> that's it from me. mdeslaur, you're up
16:32 <jdstrand> * adjust snap-confine to always use a device cgroup
16:32 <jdstrand> * pick up review-tools snap USNs phase1/part ii work as have time
16:32 <mdeslaur> I'm on triage this week
16:33 <mdeslaur> I'm currently working on a massive imagemagick update
16:33 <mdeslaur> if anyone wants to help test, packages are building in the security team proposed PPA
16:33 <mdeslaur> I'm also working on an embargoed issue
16:33 <mdeslaur> and I'll pick something else from the list after that
16:33 <mdeslaur> that's it from me
16:33 <mdeslaur> sbeattie?
16:33 <sbeattie> I'm in the happy place this week
16:34 <sbeattie> I'm currently working on gnupg/gnupg2 updates
16:34 <sbeattie> (they're also available in the security team proposed PPA for testing)
16:34 <sbeattie> kernel updates are in the process of being published, will be publishing USNs for those
16:35 <sbeattie> I also have amd64-microcode updates to publish once the kernel is out the door
16:35 <sbeattie> after that, I have a couple of internal tasks to take on.
16:35 <sbeattie> That will probably consume my week.
16:36 <sbeattie> jjohansen: over to you
16:36 <jjohansen> I need to get my upstream kernel apparmor pull request out this morning, it was delayed last week because of the idr patch
16:37 <jjohansen> and then I really need to focus on apparmor 3, specifically the feature subsetting so that we correctly compile versioned policy to what the kernel supports
16:38 <jjohansen> if I get that done, I will move on to whatever other misc apparmor 3 issues need addressed so we can kick it out next week
16:38 <jjohansen> sarnold: you are up
16:38 <sarnold> I'm on community this week
16:38 <sarnold> working down the list of MIRs, fprintd and .. related package .. and need to submit presentation topic to debconf
16:38 <sarnold> that's it for me, chrisccoulson?
16:39 <sarnold> (oh yes, reviewing john's patches if he feels it useful)
16:39 <chrisccoulson> I'm currently working on a firefox update
16:39 <chrisccoulson> the thunderbird update I was expecting still hasn't happened, so I'll have to do that if it does
16:40 <chrisccoulson> I triaged all of the spidermonkey CVEs at the end of last week, and I'll probably do an update for that this week
16:40 <chrisccoulson> other than that, I'm still working on getting thunderbird 60 packages building
16:41 <chrisccoulson> I hope I'll have enough time after that to do something else, as it's .... *drum roll* .... rust updates next week
16:41 <chrisccoulson> that's me done
16:42 <ratliff> I'm in the happy place this week.
16:43 <ratliff> This week will be dedicated to internal work. When I get a few spare minutes I will work on triaging wireshark CVEs to ensure they show the actual state.
16:43 <ratliff> leosilva: on to you
16:43 <leosilva> I'm bug-triage this week.
16:43 <leosilva> I'm working on ruby updates.
16:44 <leosilva> I'll also do some cve- searching after ruby to pick other updates
16:44 <leosilva> ratliff: it's back to you.
16:44 <ratliff> thanks, leosilva!
16:44 <ratliff> [TOPIC] Highlighted packages
16:44 <ratliff> The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so.
16:44 <ratliff> See http://people.canonical.com/~ubuntu-security/d2u/ for available merges and https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details on preparing Ubuntu security updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:44 <ratliff> [TOPIC] Miscellaneous and Questions
16:44 <ratliff> Does anyone have any other questions or items to discuss?
16:46 <ratliff> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, chrisccoulson, leosilva: Thanks!
16:46 <ratliff> #endmeeting