16:31 #startmeeting 16:31 Meeting started Mon Nov 21 16:31:51 2016 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:31 16:31 Available commands: action commands idea info link nick 16:31 \o 16:31 The meeting agenda can be found at: 16:32 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:32 [TOPIC] Weekly stand-up report 16:32 jdstrand: you're up 16:32 hey 16:33 very short week this week. I'm working on the dbus interface for snappy primarily 16:34 I will finish up a small PR to snap-confine 16:34 and do various PR reviews 16:34 if I have time, I'll start poking at network-namespace 16:34 that is it from me 16:34 (I'm off Wed-Fri) 16:35 I'm on community this week 16:35 I just published imagemagick updates 16:35 and I have a couple of other updates to test 16:35 and then will pick something else off the list, that's about it 16:35 hrm, 16:35 s beattie isn't here I think...who's next? 16:36 me 16:36 short week for me this week (off thursday and friday) 16:36 I'm on cve triage 16:36 I have an embargoed issue 16:37 I still need to do the apparmor 14.04 SRU followups 16:37 I have some ecryptfs issues to look at 16:37 inode timestamps issue (LP: #1636890) 16:37 Launchpad bug 1636890 in linux (Ubuntu) "invalid file times with overlayroot and encrypted home" [Undecided,Confirmed] https://launchpad.net/bugs/1636890 16:37 crypto api usage issue 16:37 and I have some work planning work to do 16:37 that's it for me 16:37 jjohansen: you're up 16:38 I am working on bugs, upstreaming and I have an apparmor rebase for 4.9-rc7 to do 16:38 I am still chasing down a couple of reference counting bugs 16:39 another rebase is needed for a change this late in the cycle? 16:40 and waiting for feedback on the lxc cross ns issue, and the rawdata interface, so I may endup working on those well 16:40 tyhicks: yes, linus pulled in my patch to upstream changehat which breaks the patches for the ubuntu kernel 16:40 jdstrand, jjohansen: I just noticed that kernel SRU bug #1634753 is needing verification in trusty 16:40 bug 1634753 in AppArmor "srcname from mount rule corrupted under load" [Critical,In progress] https://launchpad.net/bugs/1634753 16:40 its nothing major, but I want to have the rebase ready for the kt 16:41 ok 16:41 tyhicks: ack I look into that 16:41 hmm, that bug is going to be difficult to verify on trusty 16:41 its a short week for me I am off wed - mon 16:42 sarnold: you're up 16:42 I'm in the happy place this week 16:42 I'd like to finish libsmbios before the holidays 16:43 but I'm also working on 1642386 which feels like a higher priority (I don't know how many people are affected, but it does seem to be more than just me) 16:44 that's it for me, chrisccoulson? 16:44 I've got an oxide update to get out this week 16:44 I've also got 3 build failures I need to fix 16:45 Other than that, I plan to make some progress on https://blueprints.launchpad.net/oxide/+spec/ubuntu-webview-implementation, which I didn't manage last week because of another bug 16:45 That's me done 16:45 I'm in the happy place this week and off on Thursday and Friday 16:45 I am working on a number of internal communication, coordination and planning activities. 16:46 I am also continuing to work on my universe project as time permits. There are over 900 CVE/release combos that are marked needed or needs-triage that are noted as fixed in the debian changelog 16:47 back to you tyhicks 16:47 thanks! 16:47 [TOPIC] Highlighted packages 16:47 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:47 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:47 http://people.canonical.com/~ubuntu-security/cve/pkg/wine-gecko2.21.html 16:47 http://people.canonical.com/~ubuntu-security/cve/pkg/geshi.html 16:47 http://people.canonical.com/~ubuntu-security/cve/pkg/sun-javadb.html 16:47 http://people.canonical.com/~ubuntu-security/cve/pkg/libmodplug.html 16:47 http://people.canonical.com/~ubuntu-security/cve/pkg/nsd.html 16:47 [TOPIC] Miscellaneous and Questions 16:47 Does anyone have any other questions or items to discuss? 16:47 Nope just want to give my quarterly applause to the Security Team for their ongoing hard work :) 16:49 thanks teward :) 16:50 yse, thanks teward :) 16:50 yes* 16:50 jdstrand, mdeslaur, jjohansen, sarnold, ChrisCoulson, ratliff: Thanks! 16:50 #endmeeting