16:31 <tyhicks> #startmeeting
16:31 <meetingology> Meeting started Mon Jun 20 16:31:48 2016 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:31 <meetingology> 
16:31 <meetingology> Available commands: action commands idea info link nick
16:31 <mdeslaur> \o
16:31 <jjohansen> o/
16:32 <tyhicks> The meeting agenda can be found at:
16:32 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:32 <tyhicks> [TOPIC] Announcements
16:32 <tyhicks> Stefan Bader (smb) provided debdiffs for precise-xenial for xen
16:32 <tyhicks> Otto Kekäläinen (otto) provided debdiffs for wily-xenial for mariadb-10.0 (LP: #1589302)
16:32 <ubottu> Launchpad bug 1589302 in mariadb-10.0 (Ubuntu Yakkety) "USN-2953-1: MySQL vulnerabilities partially applies to MariaDB too" [Medium,Fix released] https://launchpad.net/bugs/1589302
16:32 <tyhicks> Thank you for your assistance in keeping Ubuntu users secure! :)
16:32 <tyhicks> [TOPIC] Weekly stand-up report
16:32 <tyhicks> mdeslaur: you're up
16:32 <mdeslaur> I'm in the happy place this week, and I'm off wed-fri
16:32 <mdeslaur> I'm currently about to publish a bunch of updates
16:32 <mdeslaur> and I have a few more to test and publish tomorrow
16:33 <mdeslaur> I want to update the uefi secure boot testing instructions if I have time
16:33 <mdeslaur> that's about it from me, sbeattie?
16:34 <sbeattie> I'm on community this week
16:34 <sbeattie> I need to finish up a couple of todos from the sprint last
16:35 <sbeattie> I'll pick up an update or to this week
16:35 <sbeattie> I'm also looking for pie-related build failures in the background.
16:35 <sbeattie> I may also take friday off.
16:36 <sbeattie> that's probably it for me. tyhicks?
16:36 <tyhicks> I'm on bug triage this week and I'll be covering CVE triage today and tomorrow
16:36 <tyhicks> I have quite a few sprint followups/todos
16:37 <tyhicks> I have lingering email catchup to do from the last two weeks (vacation and then sprinting kept me from some things)
16:37 <tyhicks> I need to remind myself where I was at with the yakkety apparmor upload, complete that, and then move on to the xenial SRU
16:38 <tyhicks> I have some snap-confine PR reviews to do (seccomp arg filtering and some others that landed without security team review)
16:38 <tyhicks> then I'd like to move on to seccomp complain mode for snappy's devmode
16:38 <tyhicks> that's it for me
16:38 <tyhicks> jjohansen: you're up
16:39 <jjohansen> I'm working on making sure apparmor stacking is ready to be opened up to user name spaces
16:40 <jjohansen> I have a few TODOs to finish up from last weeks sprint, and I have a neglected upstream kernel pull-request to finish getting together and push out
16:41 <jjohansen> I also have the 4.7 apparmor rebase to finish with and push to the kt
16:41 <jjohansen> and I will be taking thurs and friday off
16:42 <jjohansen> oh and I suppose if I can squeeze it in I will push up the current set of apparmor 3.5 fixes to the kt for xenial
16:42 <jjohansen> thats it for /me tyhicks back to you
16:42 <tyhicks> sounds like you'll have a more than full week for only 3 days
16:43 <tyhicks> there's probably no need to work on the 3.5 fix pull request this week
16:43 <tyhicks> chrisccoulson: you're up
16:43 <jjohansen> heh, yeah, like I said if I can squeeze it in :)
16:43 <chrisccoulson> I've got one follow-up todo from last week (creating instructions for doing flash updates).
16:44 <chrisccoulson> I don't have any other updates planned this week
16:45 <chrisccoulson> Other than that, I'll hopefully be able to test the browser on arm64. So I'll be spending time this week fixing any issues that result from that
16:45 <chrisccoulson> I think that's me done
16:46 <tyhicks> sounds like a nice week
16:46 <tyhicks> ratliff: your turn
16:46 <ratliff> I am working on todos from the sprint and misc. management tasks
16:47 <ratliff> I want to finish the transition tasks from jdstrand and start playing with the uct tools
16:47 <ratliff> I will be off on Friday (travelling)
16:47 <ratliff> back to you tyhicks
16:48 <tyhicks> thanks!
16:48 <tyhicks> [TOPIC] Highlighted packages
16:48 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
16:48 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:48 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/pngcrush.html
16:48 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/inn.html
16:48 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/minissdpd.html
16:48 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/gitlab.html
16:48 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/tardiff.html
16:48 <tyhicks> [TOPIC] Miscellaneous and Questions
16:48 <tyhicks> Does anyone have any other questions or items to discuss?
16:49 <sbeattie> tyhicks: I have one more item on my plate this week, I may need to spend some time looking at why aslr tests are failing on ppc64el and s390: https://launchpad.net/bugs/1594347
16:49 <ubottu> Launchpad bug 1594347 in QA Regression Testing "kernel-security aslr tests failing on ppc64el and zseries" [Undecided,New]
16:49 <chrisccoulson> oh, the "no updates planned" from me isn't true - I've got an oxide update to do
16:50 <tyhicks> sbeattie: huh... let me know if you aren't able to get to it before taking friday (if you take off friday)
16:51 <tyhicks> s/before taking friday/before friday/
16:51 <tyhicks> chrisccoulson: ack
16:51 <tyhicks> mdeslaur, sbeattie, jjohansen, ChrisCoulson, ratliff: Thanks!
16:51 <tyhicks> #endmeeting