16:31 #startmeeting 16:31 Meeting started Mon Aug 6 16:31:08 2018 UTC. The chair is ratliff. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:31 16:31 Available commands: action commands idea info link nick 16:31 o/ 16:31 The meeting agenda can be found at: 16:31 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:31 [TOPIC] Announcements 16:31 We have no new announcements this week. 16:31 [TOPIC] Weekly stand-up report 16:32 jdstrand: you're up 16:32 This week I plan to work on: 16:32 - finishing the socketcall() deprecation in snapd 16:32 - brand store snap declarations 16:32 - various snapd PR reviews 16:32 - kubernetes-support interfaces 16:32 - embargoed issue 16:32 mdeslaur: you're up 16:34 I'm in the happy place this week 16:34 I'm travelling all week, I'll be back next tuesday 16:34 I'm doing some travel preparations today and re-spinning some embargoed packages 16:35 that's about it 16:35 sbeattie: you're up 16:35 I'm on bug triage this week 16:35 I have some kernel triage and signoffs to do. 16:35 I also have intel-microcode updates sitting in the security-proposed ppa to be tested and published. 16:35 I have an embargoed issue pending. 16:36 And I have a mountain of email to go through now that I'm back from vacation. 16:36 That's the highlights for me; jjohansen, you're up. 16:39 I'll go ahead and we can circle back around to jjohansen in a bit. 16:39 need to look into 1783922 and report regression around bind mounts on 4.18 16:39 I'm on CVE triage this week. 16:39 I'm working on an embargoed issue, internal work. 16:40 I also plan to publish information about our CVE assignments to MITRE this week (via github). 16:40 oops, jjohansen go ahead, sorry to interrupt 16:40 not at all 16:41 I need to look into 1783922 and report regression around bind mounts on 4.18 16:41 then I need to look into the latest revisions in dhowell's mount rework around apparmor 16:41 and I really need to try and get to mjgs secmark patch for apparmor, I expect that will take the rest of the week and then some 16:41 if I have time after those I will go back to the work needed to finish getting apparmor 3.0 out the door 16:41 the largest item remaining is dealing with the differences between 2 feature abi sets (kernel and policy) 16:42 thats it for me, sarnold you are up 16:42 I think that sarnold is travelling today 16:42 oh right, debconf 16:42 leosilva: you are up 16:42 I'm in the happy place 16:43 I finished some min ago the libxcursor usn and will follow to the next lftp 16:43 other than that I'm hunting 16:43 msalvatore: you're up 16:43 I'm in the happy place this week. 16:43 I spent last week working through improvements/additions to some internal tooling. 16:43 This week I'm focusing on performing security updates to some packages in universe. 16:44 that's it for me. ebarretto, you're up. 16:44 I'm in the happy place this week: 16:44 - I'm working on libtomcrypt update ... planning on releasing it today. 16:44 - next packages to be updated still to be decided. 16:44 - if you find any issues on the updated packages, please let us know asap, thanks! 16:44 - and thank you all that reported issues on jansson last week! 16:44 ratliff, back to you 16:45 thank you! 16:45 [TOPIC] Highlighted packages 16:45 The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. 16:45 See http://people.canonical.com/~ubuntu-security/d2u/ for available merges and https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details on preparing Ubuntu security updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:45 [TOPIC] Miscellaneous and Questions 16:45 Does anyone have any other questions or items to discuss? 16:48 jdstrand, mdeslaur, sbeattie, jjohansen, leosilva, msalvatore, ebarretto: Thanks! 16:48 thanks ratliff 16:48 #endmeeting