== Meeting information == * #ubuntu-meeting Meeting, 20 Aug at 16:43 — 17:02 UTC * Full logs at [[http://ubottu.com/meetingology/logs/ubuntu-meeting/2018/ubuntu-meeting.2018-08-20-16.43.log.html]] == Meeting summary == ''LINK:'' https://wiki.ubuntu.com/SecurityTeam/Meeting === Announcements === The discussion about "Announcements" started at 16:44. === Weekly stand-up report === The discussion about "Weekly stand-up report" started at 16:46. === Highlighted packages === The discussion about "Highlighted packages" started at 16:57. === Miscellaneous and Questions === The discussion about "Miscellaneous and Questions" started at 16:58. * ''LINK:'' https://ubuntusecuritypodcast.org * ''LINK:'' https://ubuntusecuritypodcast.org == Vote results == == Done items == * (none) == People present (lines said) == * jdstrand (41) * tsimonq2 (10) * sbeattie (7) * chrisccoulson (6) * mdeslaur (5) * ebarretto (5) * leosilva (4) * jjohansen (4) * sarnold (3) * meetingology (3) == Full Log == 16:43 #startmeeting 16:43 Meeting started Mon Aug 20 16:43:49 2018 UTC. The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:43 16:43 Available commands: action commands idea info link nick 16:43 \o 16:44 The meeting agenda can be found at: 16:44 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:44 [TOPIC] Announcements 16:44 The generalist role rotation for this week as follows: CVE Triage: ebarretto, Bug Triage: msalvatore, Community: sarnold, Happy Place: amurray, mdeslaur, sbeattie, leosilva 16:44 Thanks to Unit193 for help on security updates for the community supported cgit last week. This work is very much appreciated and will keep Ubuntu users secure. Great job! :) 16:45 The Ubuntu Security Team is hiring! 16:45 * Ubuntu Security engineer: https://boards.greenhouse.io/canonical/jobs/1158266?t=8c0a6c1f1 16:46 * Ubuntu Security manager: https://boards.greenhouse.io/canonical/jobs/1278287?t=8c0a6c1f1 16:46 [TOPIC] Weekly stand-up report 16:47 I'll go first 16:47 This week I plan to work on: 16:47 * brand store snap declarations 16:47 * big anbox-support review 16:47 * kubernetes-support interfaces 16:47 * various snapd PR reviews 16:47 * various internal tasks 16:47 * embargoed item 16:47 I'll also proxy for amurray 16:48 He says: 16:48 "I'm in the happy place this week. 16:48 This week I'm focusing on some internal work 16:48 Will also be looking at updating ceph and then moving on to other reactive package updates" 16:48 mdeslaur: you're up 16:48 I'm in the happy place this week 16:48 I am working on two embargoed issues 16:49 and have a few things to finish before going on vacation 16:49 that's about it, sbeattie, you're up 16:49 I'm also in the happy place this week. 16:49 I've got the usual bit of kernel cve triage and signoffs to do. 16:49 I'm still working on a bind9 update 16:50 Oh, and I have an openjdk for bionic update to publish 16:50 I'll try to pick up another update off the list 16:50 There's also some apparmor upstream merge requests I need to review. 16:50 That's probably it for me. jjohansen? 16:51 I have to finish up with my LSS presentation, and spends time with LSM stacking this week. 16:51 I'll sqeeze in some apparmor patch review, and maybe even some apparmor 3 patch revision. 16:51 That should pretty much consume the week 16:51 sarnold: you are up 16:53 sarnold: stepped away for a moment. let's go to chrisccoulson 16:53 s/:// 16:53 I plan to update spidermonkey in bionic this week 16:53 I also want to get thunderbird 60 in the security PPA and tested, ready for the next release 16:53 I need to fix an upgrade issue with the rust update I did last week 16:54 chrisccoulson: regression? something else? 16:54 I should have enough time to take on some other stuff this week 16:54 jdstrand, I think I just need to fix a Breaks / Replaces somewhere to make the update from the previous version work properly 16:55 that's me done 16:55 leosilva: you're up (note, Mike is out today so Eduardo after you) 16:55 ok 16:55 I'm in the happy place this week 16:56 I just finished wpa USN and I'm working on spice. Other than that I'll keep looking for other updates to do. 16:56 ebarretto: it's up to you 16:56 I'm in the CVE triage this week: 16:56 - I've done already some CVE triage for today and will continue on it for this week 16:56 - I'm re-triaging some CVEs for ffmpeg 16:56 - I will update other packages ... still to be decided. 16:57 jdstrand, back to you 16:57 thanks 16:57 sarnold: chime in when you are back 16:57 [TOPIC] Highlighted packages 16:58 The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. See http://people.canonical.com/~ubuntu-security/d2u/ for available merges and https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details on preparing Ubuntu security 16:58 updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:58 [TOPIC] Miscellaneous and Questions 16:58 Does anyone have any other questions or items to discuss? 16:58 Found this on Twitter: https://ubuntusecuritypodcast.org/ 16:59 It seems amurray is doing/did a podcast. :) 16:59 tsimonq2: yes, that is from our esteemed Tech Lead, amurray :) 16:59 :D 16:59 * jdstrand hugs amurray for doing the podcast 16:59 Just thought I'd mention it on the record. 17:00 tsimonq2: yes, thank you. we definitely want that noted :) 17:00 * sarnold returns 17:00 #link https://ubuntusecuritypodcast.org 17:00 Does that work? 17:00 hmm 17:00 [LINK] https://ubuntusecuritypodcast.org 17:00 ¯\_(ツ)_/¯ 17:00 Whatever. :) 17:01 I'm on community this week, working down the MIRs, still reading the gtk portal backend 17:02 jdstrand: /me chimes 17:02 sarnold: hehe, thanks :) 17:02 mdeslaur, sbeattie, jjohansen, sarnold, chrisccoulson, leosilva, ebarretto, tsimonq2: thanks! 17:02 #endmeeting Generated by MeetBot 0.1.5 (http://wiki.ubuntu.com/meetingology)