#ubuntu-meeting log

16:30 <jdstrand> #startmeeting
16:30 <meetingology> Meeting started Mon Aug 27 16:30:29 2018 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:30 <meetingology> 
16:30 <meetingology> Available commands: action commands idea info link nick
16:30 <jdstrand> The meeting agenda can be found at:
16:30 <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:30 <jdstrand> [TOPIC] Announcements
16:30 <jdstrand> The generalist role rotation for this week as follows:
16:30 <jdstrand> CVE Triage: leosilva, Bug Triage: ebarretto, Community: msalvatore, Happy Place: sarnold, sbeattie, amurray
16:31 <jdstrand> Thanks to Thomas Opfer for help on security updates for the community supported tomcat8 last week. This work is very much appreciated and will keep Ubuntu users secure. Great job! :)
16:31 <jdstrand> Thanks to Thomas Opfer for help on security updates for the community supported tomcat8 last week. This work is very much appreciated and will keep Ubuntu users secure. Great job! :)
16:31 <jdstrand> whoops
16:31 <jdstrand> I was so appreciative, I thanked Thomas twice! :)
16:31 <jdstrand> The Ubuntu Security Team is hiring! Please see:
16:31 <jdstrand> - Ubuntu Security engineer: https://boards.greenhouse.io/canonical/jobs/1158266?t=8c0a6c1f1
16:31 <jdstrand> - Ubuntu Security manager: https://boards.greenhouse.io/canonical/jobs/1278287?t=8c0a6c1f1
16:31 <jdstrand> Due to US holiday on September 3rd, the next meeting will be on September 10.
16:31 <jdstrand> [TOPIC] Weekly stand-up report
16:31 <jdstrand> I'll go first. This week I plan to:
16:31 <jdstrand> - continue brand store snap declarations (ie, review MRs)
16:31 <jdstrand> - continue kubernetes-support interfaces (ie, assist k8s team with questions, iterate on PoC interfaces)
16:31 <jdstrand> - various snapd PR reviews (eg, anbox-support, et all)
16:31 <jdstrand> - iterate on audio-playback/record interfaces
16:31 <jdstrand> I'll also proxy amurray's report. He plans to:
16:32 <jdstrand> - continue the ceph update
16:32 <jdstrand> - continue various internal work
16:32 <jdstrand> - move to another reactive update as time allows
16:32 <jdstrand> I'll also report for jjohansen and simply say that he is attending the Linux Security Summit
16:32 <jdstrand> sbeattie, you're up (when you're done, feel free to skip John and go straight to sarnold). sarnold, Chris is off today so go straight to Leo.
16:34 <jdstrand> sarnold: why don't you go and we'll circle back to sbeattie
16:34 <sbeattie> jdstrand: I'm here
16:34 <sbeattie> I'm in the happy place this week
16:34 <sbeattie> I'm in the middle of publishing intel-microcode updates
16:35 <sbeattie> I have a couple of laggard kernels that I need to publish USNs for, as well as the usual rounds of kernel CVE triage
16:35 <sbeattie> I have an openjdk-lts/bionic regression fix to test and publish.
16:36 <sbeattie> I'm also in the process of sponsoring mariadb updates.
16:36 <sbeattie> And I need to get back to the bind9 updates I'm in the middle of.
16:36 <sbeattie> If I can get through that, I'll pick up another update off the list.
16:37 <sbeattie> I also need to look at outstanding apparmor merges, and investigate some test failures for jjohansen
16:37 <sbeattie> That's it for me; sarnold, you're up.
16:37 <sarnold> I'm in the happy place this week, getting caught up on the community tasks from lsat week, and hopefully returning to the xdg-desktop-portal-gtk mir; as well as sales trip prep.
16:37 <sarnold> if jj's got apparmor patches that need reviewing, I'll do what I can there, too
16:37 <sarnold> that's it for me, leosilva?
16:38 <leosilva> I'm in cve triage this week
16:38 <leosilva> I just finished a libgd2 update a few min ago.
16:38 <leosilva> I also have flask and poppler on my stack.
16:38 <leosilva> Other than that I'll do my usual hunting for others updates
16:39 <leosilva> ebarretto: that's you up? (I think)
16:39 <ebarretto> I'm in Bug triage this week:
16:39 <ebarretto> - Just going through the list of bugs
16:39 <jdstrand> leosilva: Mike is technically after you, but he can go after Eduardo today :)
16:40 <ebarretto> - I've updated ffmpeg last week
16:40 <ebarretto> - I've released a new package update through ESM today
16:40 <ebarretto> - I will pick a new package to update
16:40 <leosilva> I thought he was on lunch of out no?
16:40 <jdstrand> ebarretto: do you have an idea what that is? (in general it would be nice to state the package to work on here)
16:41 <ebarretto> jdstrand, not yet ... need to go through the list and choose one
16:41 <jdstrand> leosilva: yes, that's what he said, but not sure when he planned to return
16:42 <jdstrand> ebarretto: that's fine. for future meeting, can your meeting prep include that?
16:42 <jdstrand> future meetings*
16:42 <ebarretto> sure, will do
16:42 <jdstrand> thanks
16:42 <jdstrand> leosilva: hmm, Mike isn't even in the channel! :)
16:43 <jdstrand> ok, moving on
16:43 <jdstrand> [TOPIC] Highlighted packages
16:43 <jdstrand> The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. See http://people.canonical.com/~ubuntu-security/d2u/ for available merges and https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details on preparing Ubuntu security
16:43 <jdstrand> [TOPIC] Miscellaneous and Questions
16:43 <jdstrand> updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:43 <jdstrand> Does anyone have any other questions or items to discuss?
16:44 <jdstrand> sbeattie, sarnold, leosilva, ebarretto: thanks!
16:44 <jdstrand> #endmeeting