16:31 <jdstrand> #startmeeting
16:31 <jdstrand> The meeting agenda can be found at:
16:31 <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:31 <meetingology> Meeting started Mon Sep 24 16:31:46 2018 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:31 <meetingology> 
16:31 <meetingology> Available commands: action commands idea info link nick
16:31 <jdstrand> [TOPIC] Announcements
16:31 <jdstrand> The generalist role rotation for this week as follows:
16:31 <jdstrand> CVE Triage: sarnold, Bug Triage: sbeattie, Community: amurray, Happy Place: mdeslaur, leosilva, ebarretto,  msalvatore
16:32 <jdstrand> The Ubuntu Security Team is hiring! Please see: Ubuntu Security engineer: https://boards.greenhouse.io/canonical/jobs/1158266?t=8c0a6c1f1
16:32 <jdstrand> [TOPIC] Weekly stand-up report
16:32 <jdstrand> I'll go first
16:32 <jdstrand> This week I plan to work on:
16:32 <jdstrand> * continue brand store snap declarations
16:32 <jdstrand> * continue kubernetes-support interfaces
16:32 <jdstrand> * various snapd PR reviews
16:32 <jdstrand> * iterate on docker PRs
16:33 <jdstrand> that's it from me. mdes laur is off today. sbeattie, you're up
16:33 <sbeattie> I'm on bug triage this week
16:33 <sbeattie> I have an imagemagick update to finish up
16:34 <sbeattie> I have some kernel signoffs to complete and the usual kernel cve triage to handle
16:34 <sbeattie> I also have an embargoed issue on my plate
16:34 <sbeattie> I also have some apparmor tasks to look at.
16:35 <sbeattie> That'll more than likely consume my week.
16:35 <sbeattie> jjohansen: over to you.
16:37 <jdstrand> let's come back to jjohansen
16:37 <jdstrand> sarnold: go ahead
16:37 <jjohansen> oops sorry
16:37 <ebarretto> jdstrand, sarnold is out today
16:38 <jdstrand> oh, I forgot
16:38 <jdstrand> CheGuevara978: go ahead
16:39 <jdstrand> meh
16:39 <jdstrand> CheGuevara978: nm
16:39 <jdstrand> chrisccoulson: go ahead
16:39 <chrisccoulson> heh
16:39 <chrisccoulson> I'm expecting a firefox update from the desktop team this week to test and publish
16:39 <chrisccoulson> I'm also working on the woff2 MIR
16:40 <chrisccoulson> those shouldn't take up my whole week, so I'll be available to take on some other stuff too
16:40 <chrisccoulson> that's me done
16:40 <jdstrand> chrisccoulson: can you pick the next item off the reviews lane?
16:41 <jdstrand> leosilva: go ahead
16:41 <chrisccoulson> jdstrand, sure
16:41 <jdstrand> chrisccoulson: thanks!
16:41 <ebarretto> jdstrand, leosilva is also out this week
16:42 <jdstrand> jeez
16:42 <jdstrand> ebarretto: perhaps I should have run this by you :)
16:42 <jdstrand> ebarretto: thanks
16:42 <jdstrand> msalvatore: go ahead
16:42 <msalvatore> I'm in the happy place this week.
16:43 <msalvatore> I'm planning on focusing on CVE fixes all week unless something else comes up.
16:43 <msalvatore> That's it for me.
16:44 <jdstrand> msalvatore: did you have particular fixes in mind?
16:44 <jdstrand> msalvatore: in terms of source packages?
16:45 <msalvatore> jdstrand: I'm working through a lot of re-triage ATM. I'm pushing out a fix for sleuthkit today. After that, I may tackle some nodejs issues.
16:45 <jdstrand> cool, thanks
16:45 <jdstrand> ebarretto: you're up
16:45 <jdstrand> ebarretto: you're not going to tell me you are off today are you?
16:45 <ebarretto> jdstrand, nope heeheh
16:46 <ebarretto> I'm in the happy place this week:
16:46 <ebarretto> - I am working on updating opencv for bionic and devel, just finishing tests
16:46 <ebarretto> - I am also working on updating hdf5 for bionic and devel, also finishing tests
16:46 <ebarretto> - I will also work on libav for trusty (this might take some time based on the number of CVEs for this package)
16:46 <ebarretto> - continue retriaging CVEs
16:46 <ebarretto> that's it for me
16:46 <jdstrand> jjohansen: go ahead
16:46 <jjohansen> I am working on apparmor items for the 4.20 pull request: mjg secmark patch, kernel_t label for kernel network tasks, and the nonewprivs work. In addition I am work on LSM stacking patches
16:47 <jjohansen> that is it for me and will take me well beyond this week :(
16:48 <jdstrand> [TOPIC] Highlighted packages
16:48 <jdstrand> The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. See http://people.canonical.com/~ubuntu-security/d2u/ for available merges and https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details on preparing Ubuntu security
16:48 <jdstrand> updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:48 <jdstrand> [TOPIC] Miscellaneous and Questions
16:48 <jdstrand> Does anyone have any other questions or items to discuss?
16:49 <jdstrand> sbeattie, jjohansen, chrisccoulson, msalvatore, ebarretto: thanks!
16:50 <jdstrand> #endmeeting