16:31 #startmeeting 16:31 Meeting started Mon Jun 5 16:31:00 2017 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:31 16:31 Available commands: action commands idea info link nick 16:31 The meeting agenda can be found at: 16:31 \o 16:31 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:31 [TOPIC] Announcements 16:31 Roger A. Light (ral) provided debdiffs for trusty-artful for mosquitto (LP: #1692818) 16:31 Launchpad bug 1692818 in mosquitto (Ubuntu) "Mosquitto pattern ACLs can be circumvented with special client ids or usernames" [Undecided,Fix released] https://launchpad.net/bugs/1692818 16:31 Thank you for your assistance in keeping Ubuntu users secure! :) 16:31 [TOPIC] Weekly stand-up report 16:31 mdeslaur: you're up 16:31 I'm on bug triage this week 16:31 and I'm currently publishing puppet and libtasn updates 16:32 I have a couple more to test, then I'll be picking something else off the list 16:32 that's it, sbeattie? 16:33 I'm on cve triage this week 16:33 I have an embargoed issue on my plate 16:34 I'm working on a sudo update 16:34 and I'll have some kernel triage bits to handle, too 16:34 That's probably my week. 16:34 tyhicks: over to you 16:35 I'm in the happy place this week 16:35 I have eCryptfs patch review to do (kernel and userspace patches) 16:35 they've been piling up 16:35 I'd like to make progress on the seccomp kernel patches but I think I need to catch up with kees first on a remaining design issue 16:36 would be nice to finish my elfutils updates 16:36 additional security updates as time allows 16:36 jjohansen: you're up 16:36 I have and LSS talk/discussion proposal to get together 16:37 and I will have LSS program committee duties/voting todo this week too 16:37 I need to finish up the merge against the security tree, which finally merged again 4.12 16:38 and then I have a little more patch work to finish up to get a pull request out 16:39 After that I will need to look at a few bugs, update suse on the 4.13 kernel for the Fate request around snappy 16:40 and hopefully get a start on the 4.14 upstreaming 16:40 thats about it for me, sarnold you're up 16:40 I'm in the happy place; I have two more sponsored updates from last week to finish off if no one has said they broke anything important, finish the xdelta3 mir, and review whatever patches jjohansen feels would be worth reviewing 16:41 I think that covers it; is chrisccoulson around or is uk on holiday? 16:41 I'm here 16:42 I've got firefox updates to prepare this week. Also, I think it's chrome release week (although I've not been tracking that closely anymore), which means chromium updates too 16:42 Also working on an embargoed issue 16:42 That's me done 16:43 ratliff: you're up 16:43 I'm on community this week. 16:43 I will spend most of my week focused on internal duties. 16:43 The rest I will spend on technical communication and updates to Ubuntu Core 15 16:44 back to you, tyhicks 16:45 thanks 16:45 [TOPIC] Highlighted packages 16:45 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:45 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:45 http://people.canonical.com/~ubuntu-security/cve/pkg/hexchat.html 16:45 http://people.canonical.com/~ubuntu-security/cve/pkg/yodl.html 16:45 http://people.canonical.com/~ubuntu-security/cve/pkg/snort.html 16:45 http://people.canonical.com/~ubuntu-security/cve/pkg/davfs2.html 16:45 http://people.canonical.com/~ubuntu-security/cve/pkg/ironic.html 16:45 [TOPIC] Miscellaneous and Questions 16:45 Does anyone have any other questions or items to discuss? 16:48 mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson, ratliff: Thanks! 16:48 #endmeeting