#ubuntu-meeting log

16:31 <ratliff> #startmeeting
16:31 <meetingology> Meeting started Mon Aug  6 16:31:08 2018 UTC.  The chair is ratliff. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:31 <meetingology> 
16:31 <meetingology> Available commands: action commands idea info link nick
16:31 <leosilva> o/
16:31 <ratliff> The meeting agenda can be found at:
16:31 <ratliff> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:31 <ratliff> [TOPIC] Announcements
16:31 <ratliff> We have no new announcements this week.
16:31 <ratliff> [TOPIC] Weekly stand-up report
16:32 <ratliff> jdstrand: you're up
16:32 <jdstrand> This week I plan to work on:
16:32 <jdstrand> - finishing the socketcall() deprecation in snapd
16:32 <jdstrand> - brand store snap declarations
16:32 <jdstrand> - various snapd PR reviews
16:32 <jdstrand> - kubernetes-support interfaces
16:32 <jdstrand> - embargoed issue
16:32 <jdstrand> mdeslaur: you're up
16:34 <mdeslaur> I'm in the happy place this week
16:34 <mdeslaur> I'm travelling all week, I'll be back next tuesday
16:34 <mdeslaur> I'm doing some travel preparations today and re-spinning some embargoed packages
16:35 <mdeslaur> that's about it
16:35 <mdeslaur> sbeattie: you're up
16:35 <sbeattie> I'm on bug triage this week
16:35 <sbeattie> I have some kernel triage and signoffs to do.
16:35 <sbeattie> I also have intel-microcode updates sitting in the security-proposed ppa to be tested and published.
16:35 <sbeattie> I have an embargoed issue pending.
16:36 <sbeattie> And I have a mountain of email to go through now that I'm back from vacation.
16:36 <sbeattie> That's the highlights for me; jjohansen, you're up.
16:39 <ratliff> I'll go ahead and we can circle back around to jjohansen in a bit.
16:39 <jjohansen> need to look into 1783922 and report regression around bind mounts on 4.18
16:39 <ratliff> I'm on CVE triage this week.
16:39 <ratliff> I'm working on an embargoed issue, internal work.
16:40 <ratliff> I also plan to publish information about our CVE assignments to MITRE this week (via github).
16:40 <ratliff> oops, jjohansen go ahead, sorry to interrupt
16:40 <jjohansen> not at all
16:41 <jjohansen> I need to look into 1783922 and report regression around bind mounts on 4.18
16:41 <jjohansen> then I need to look into the latest revisions in dhowell's mount rework around apparmor
16:41 <jjohansen> and I really need to try and get to mjgs secmark patch for apparmor, I expect that will take the rest of the week and then some
16:41 <jjohansen> if I have time after those I will go back to the work needed to finish getting apparmor 3.0 out the door
16:41 <jjohansen> the largest item remaining is dealing with the differences between 2 feature abi sets (kernel and policy)
16:42 <jjohansen> thats it for me, sarnold you are up
16:42 <ratliff> I think that sarnold is travelling today
16:42 <jjohansen> oh right, debconf
16:42 <ratliff> leosilva: you are up
16:42 <leosilva> I'm in the happy place
16:43 <leosilva> I finished some min ago the libxcursor usn and will follow to the next lftp
16:43 <leosilva> other than that I'm hunting
16:43 <leosilva> msalvatore: you're up
16:43 <msalvatore> I'm in the happy place this week.
16:43 <msalvatore> I spent last week working through improvements/additions to some internal tooling.
16:43 <msalvatore> This week I'm focusing on performing security updates to some packages in universe.
16:44 <msalvatore> that's it for me. ebarretto, you're up.
16:44 <ebarretto> I'm in the happy place this week:
16:44 <ebarretto> - I'm working on libtomcrypt update ... planning on releasing it today.
16:44 <ebarretto> - next packages to be updated still to be decided.
16:44 <ebarretto> - if you find any issues on the updated packages, please let us know asap, thanks!
16:44 <ebarretto> - and thank you all that reported issues on jansson last week!
16:44 <ebarretto> ratliff, back to you
16:45 <ratliff> thank you!
16:45 <ratliff> [TOPIC] Highlighted packages
16:45 <ratliff> The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so.
16:45 <ratliff> See http://people.canonical.com/~ubuntu-security/d2u/ for available merges and https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details on preparing Ubuntu security updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:45 <ratliff> [TOPIC] Miscellaneous and Questions
16:45 <ratliff> Does anyone have any other questions or items to discuss?
16:48 <ratliff> jdstrand, mdeslaur, sbeattie, jjohansen, leosilva, msalvatore, ebarretto: Thanks!
16:48 <jjohansen> thanks ratliff
16:48 <ratliff> #endmeeting