16:33 #startmeeting 16:33 Meeting started Mon Oct 30 16:33:18 2017 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:33 16:33 Available commands: action commands idea info link nick 16:33 The meeting agenda can be found at: 16:33 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:33 [TOPIC] Weekly stand-up report 16:33 jdstrand: you're up 16:33 hey 16:33 * finalize snappy-debug fixes (based on sprint feedback) 16:33 * follow through on some policy updates for 2.29 16:33 * layouts reviews (as needed) 16:33 * various followups for two reported regressions in udev tagging/device cgroups 16:33 * verify uhid interface is working correctly after udev tagging 16:33 * look into broadcom-asic-control interface bug where interface is not connected if the module doesn't exist 16:33 * continue uid/gid seccomp arg filtering as have time 16:34 that's what I plan to work on this week ^ 16:34 mdeslaur: you're up 16:34 I'm on CVE triage this week 16:34 and I'm working on quagga updates 16:34 I'll be picking up something else after that 16:34 that's about it 16:35 sbeattie: you're up 16:35 I'm in the happy place this week 16:35 I've got a couple leftover tasks from the apparmor online sprint to finish up 16:36 kernel updates should be happening this week, so I need to finish some signoff tasks and publish USNs for those 16:36 I have openjdk-8 updates from tdaitx to test and publish 16:36 after all that, I'll try to pick up another update or two 16:36 that's it for me. tyhicks? 16:37 sbeattie: I think CVE tracking for snaps should still be a high priority for this week 16:37 I'm in the happy place this week 16:37 I'm still trying to get to eCryptfs kernel patch review 16:37 then I'll start working on squashfs image reproduceability 16:38 I also have some embargoed issues 16:38 sarnold: you're up (jj is out) 16:38 tyhicks: fair point. 16:39 sarnold isn't here yet 16:39 chrisccoulson: you're up 16:39 I've got a chromium update to test and publish 16:40 There was also an unscheduled firefox release last week which I wasn't aware of until after it happened. I'm not sure yet whether to ship that 16:40 Then I've got to get rust updated to 1.21 16:40 wee, rust updates. 16:40 I'd like to think I'd get time to do something else this week, but that hasn't worked very well in recent weeks 16:41 that's me done 16:41 leosilva, yeah, fun ;) 16:41 I'm in the happy place this week. 16:41 I have some writing assignments. When those are done, I want to work on integrating InfluxDB into our KPIs. 16:41 on to you, leosilva 16:42 I'm bug triage this week. 16:42 I did push some USN this morning 16:42 I have some bug to investigate in bug triage role 16:42 besides that I'll do my usual hunting for pkg to update. 16:42 That's all for me. 16:42 tyhicks: it's back to you! 16:43 thanks! 16:43 [TOPIC] Highlighted packages 16:43 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:43 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:43 https://people.canonical.com/~ubuntu-security/cve/pkg/git-hub.html 16:43 https://people.canonical.com/~ubuntu-security/cve/pkg/guacamole-client.html 16:43 https://people.canonical.com/~ubuntu-security/cve/pkg/revelation.html 16:43 https://people.canonical.com/~ubuntu-security/cve/pkg/ruby-rack.html 16:43 Does anyone have any other questions or items to discuss? 16:43 https://people.canonical.com/~ubuntu-security/cve/pkg/ettercap.html 16:43 [TOPIC] Miscellaneous and Questions 16:45 jdstrand, mdeslaur, sbeattie, ChrisCoulson, ratliff, leosilva: Thanks! 16:45 sorry I'm late, I lost track of time 16:45 thank you, tyhicks! 16:45 #endmeeting