16:32 #startmeeting 16:32 Meeting started Mon Aug 22 16:32:14 2016 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:32 16:32 Available commands: action commands idea info link nick 16:32 hi 16:32 The meeting agenda can be found at: 16:32 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:32 [TOPIC] Weekly stand-up report 16:33 mdeslaur: go ahead (jd strand is in the middle of a conversation in another channel) 16:33 I'm on cve triage this week 16:33 I am working on libidn updates, if I can get them to build 16:33 and I have harfbuzz updates to test 16:34 I'll be picking something else off the list and I'm leaving for two weeks vacation on friday 16:34 that's it for me 16:34 sbeattie: you're up 16:34 mdeslaur: vacation> woo, nice! 16:34 oh, tomorrow I have patch piloting also 16:34 I'm in the happy place this week 16:35 I have an embargoed issue I'm working on 16:36 I have some apparmor upstream work to do (reviews, etc) 16:36 I need to get back to looking for pie-related build failures 16:36 I'll also try to pick up an update or two this week 16:37 that's probably it for me. tyhicks? 16:38 I'm on community duty this week 16:38 I'll work towards landing a policy adjustment for the fix for bug #1260103 16:38 bug 1260103 in Canonical System Image "oxide should use an app-specific path for shared memory files" [Medium,In progress] https://launchpad.net/bugs/1260103 16:40 I need to do some code review around some shim changes 16:40 then I really need to get some time to focus on the seccomp logging changes 16:40 and maybe do some reviews tools work for squashfs issues 16:40 * jdstrand can go whenever 16:41 go ahead jdstrand 16:41 last week was dominated by PR reviews: docker (getting there), udisks2/pluggable-storage (close to landing), fuse (merged), fwupd (getting there), lxd 16:41 last week also involved coordinating an investigation and designing how to deal with bug #1611444 for devmode (and a few other things). snappy team assigned to the implementation (which will require review from us) 16:41 bug 1611444 in Snappy Launcher "Cannot share a namespaces created with 'ip netns' between apps in a devmode SNAP" [Critical,In progress] https://launchpad.net/bugs/1611444 16:41 I was assigned some new high priority items: 16:41 takeover lxd interface and implement lxd-support based on discussions with snappy team 16:41 work with desktop team on browser policy 16:41 discuss availability of commamds in core to snap interfaces 16:41 network-namespace (TBD) interface for allowing snaps to use other network namespaces 16:41 A couple of policy bugs came in from high profile stakeholders, so I need to fix those and a handful of other small policy bugs 16:41 I'll try to be responsive to the aforementioned PR reviews as best I can, but these highest priority items will backburner some things for a little bit 16:42 the dbus-app PR is getting requests again. I'm not going to move to it til I'm through the higher priority cards though unless told otherwise 16:43 that's it from me 16:43 that sounds like the right approach to me, jdstrand 16:43 jjohansen: go ahead 16:44 I am going to be spending most of my week on the Linux Security Summit 16:45 any other time is going to be spent on bug fixing and upstreaming apparmor 16:46 bug 1579135 in particular 16:46 bug 1579135 in apparmor (Ubuntu) "AppArmor profile reloading causes an intermittent kernel BUG" [Critical,Incomplete] https://launchpad.net/bugs/1579135 16:47 thanks for working on that 16:47 chrisccoulson: you're up 16:48 I'm catching up from last week - getting through my email backlog and untangling all of the chromium changes over the last week 16:49 I'll also probably do firefox 48.0.1, as there's a few bug fixes in that 16:50 Other than that, I'll be working through oxide bugs as usual 16:50 I think that's me done 16:50 I'm shadowing sarnold doing Bug Triage this week 16:50 Also continuing to work on unity 8 MIRs 16:50 back to you tyhicks 16:52 thanks 16:52 [TOPIC] Highlighted packages 16:52 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:52 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:52 http://people.canonical.com/~ubuntu-security/cve/pkg/perdition.html 16:52 http://people.canonical.com/~ubuntu-security/cve/pkg/tripleo-image-elements.html 16:52 http://people.canonical.com/~ubuntu-security/cve/pkg/php-mail.html 16:53 http://people.canonical.com/~ubuntu-security/cve/pkg/shellinabox.html 16:53 http://people.canonical.com/~ubuntu-security/cve/pkg/radare2.html 16:53 [TOPIC] Miscellaneous and Questions 16:53 Does anyone have any other questions or items to discuss? 16:53 jdstrand: I wanted to mention that jasper has already been demoted 16:53 cool 16:53 (you had planned to help me with that once it was time) 16:53 thanks 16:54 np 16:54 Oh, I converted the debian2ubuntu bzr tree to git last night, but kees owns the project so I haven't been able to put it in place as the official branch. 16:54 nice 16:55 It's at https://code.launchpad.net/~ubuntu-security/debian2ubuntu/+git/debian2ubuntu 16:55 sbeattie: has the kernel team started using the QRT git tree? 16:55 yeah, bjf moved over this weekend 16:55 great 16:56 he's still wanting the subproject stuff, to get the download sizes down. 16:56 (can't blame him) 16:56 agreed 16:56 I'm hoping to poke at that in the background. 16:56 I have no experience with submodules so I won't be of any help 16:57 I'm anxious to see how it works out 16:57 but do let me know if there are general git questions that I can help with 16:58 Thanks. 16:58 jdstrand, mdeslaur, sbeattie, jjohansen, ChrisCoulson, ratliff: Thanks! 16:58 #endmeeting