16:37 <tyhicks> #startmeeting
16:37 <meetingology> Meeting started Mon Nov  6 16:37:27 2017 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:37 <meetingology> 
16:37 <meetingology> Available commands: action commands idea info link nick
16:37 <tyhicks> The meeting agenda can be found at:
16:37 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:37 <tyhicks> [TOPIC] Announcements
16:37 <tyhicks> Lucas Kocia (lkocia) provided a debdiff for xenial for firewalld (LP: #1617617)
16:37 <ubottu> Launchpad bug 1617617 in firewalld (Ubuntu Xenial) "Firewall configuration can be modified by any logged in user" [Low,Fix released] https://launchpad.net/bugs/1617617
16:37 <tyhicks> Jeremy Bicha (jbicha) provided a debdiff for zesty for gdm3 (LP: #1729354)
16:37 <ubottu> Launchpad bug 1729354 in gdm3 (Ubuntu) "17.04: GDM lock screen can be circumvented when autologin is set" [High,Fix released] https://launchpad.net/bugs/1729354
16:37 <tyhicks> Thank you for your assistance in keeping Ubuntu users secure! :)
16:37 <tyhicks> [TOPIC] Weekly stand-up report
16:37 <tyhicks> jdstrand: you're up
16:38 <mdeslaur> \o
16:38 <leosilva> o/
16:38 <jdstrand> hello
16:38 <jdstrand> Last week I focused primarily on the customer regression related to the expanded udev tagging work that landed in 2.28. This week I plan:
16:38 <jdstrand> * finish up some new spread tests based for better high-level coverage of security backcends
16:38 <jdstrand> * investigate the udev_enumerate regression ondra reported
16:38 <jdstrand> * investigate the broadcom-asic-control interfacec bug
16:38 <jdstrand> * snapd PR reviews
16:38 <jdstrand> * continue uid/gid work for snap privilege dropping
16:38 <jdstrand> s/based//
16:39 <jdstrand> that's it from me. mdeslaur, you're up
16:39 <mdeslaur> I'm on bug triage this week
16:39 <mdeslaur> I'm currently testing openssl updates. chrisccoulson managed to figure out the regression on armhf caused by the newer gcc on artful+ with some pretty impressive debugging work
16:40 <mdeslaur> and I have a big imagemagick update to look at
16:40 <mdeslaur> that's pretty much it for me, sbeattie?
16:41 <tyhicks> chrisccoulson: thanks for helping out with that openssl build failure
16:41 <tyhicks> chrisccoulson: that was quite impressive work
16:41 <chrisccoulson> no worries :)
16:41 <tyhicks> I'll go and maybe Steve will be around later
16:42 <tyhicks> I've got a couple more eCryptfs kernel patches to review and also need to prepare for the 4.15 merge window (only bug fixes to go up)
16:42 <tyhicks> oh, I'm in the happy place this week
16:43 <tyhicks> I have an embargoed issue
16:43 <tyhicks> and then I'll start work on squashfs reproduceability
16:43 <tyhicks> I got sidetracked last week as we were finalizing the apparmor move to gitlab and figuring out the new processes
16:43 <tyhicks> that's it for me
16:43 <jdstrand> chrisccoulson: btw, that was a pretty awesome debug :)
16:44 <tyhicks> jjohansen isn't around
16:44 <tyhicks> sarnold: you're up
16:44 <jdstrand> re squashfs reproducability> \o/
16:45 * tyhicks pokes sarnold again
16:45 <sarnold> I'm in the happy place this week; I'll be doing apparmor patch reviews as I can, and embargoed work
16:45 * mdeslaur hands tyhicks the memset magic wand
16:46 <sarnold> I think that should be it for me this week, chrisccoulson?
16:46 <chrisccoulson> I've got a firefox update to prepare, although the update isn't until next week. It's a big one though, so I wouldn't mind people installing it
16:47 <tyhicks> chrisccoulson: let us know when we can start using it
16:48 <chrisccoulson> Then there's rust 1.21. There's still 2 builds that don't complete successfully, but the failures are completely random. I'm not too sure what to do with these yet, but I want to avoid losing another week to this
16:48 <chrisccoulson> (I've just hit retry on one again actually whilst there's not a backlog of builds)
16:49 <sarnold> did we switch to using rust's llvm fork?
16:49 <chrisccoulson> And then hopefully I will actually get time to start working on other things
16:49 <chrisccoulson> sarnold, I've done that already. The only architecture it's caused a problem on is s390x (doesn't build there at all)
16:49 <chrisccoulson> I think that's me done
16:49 <sarnold> argh :/ I was hoping for better than that :(
16:50 <chrisccoulson> I'm hoping this works out better. The last rust update required around 6 patches backporting to llvm. This one intentionally broke a feature entirely with the system llvm. And the next release will require a whole new llvm version
16:51 <chrisccoulson> I can't remember who's next. ratliff?
16:51 <ratliff> I'm in the happy place this week
16:51 <ratliff> I have another article to write
16:52 <ratliff> More work on kpis
16:52 <ratliff> on to you leosilva
16:52 <leosilva> I'm community this week
16:52 <leosilva> I just push an update early
16:52 <leosilva> I'll try to work on vim update (but I'm skeptical about if the patch fix the issue)
16:52 <leosilva> other than that I'll follow with the normal hunting.
16:53 <leosilva> that's all for me... tyhicks it's back to you
16:53 <sbeattie> I can go.
16:53 <sbeattie> I'm on cve triage this week
16:53 <sbeattie> I have an openjdk-8 update to publish today
16:54 <sbeattie> I have some kernel triage stuff to catch up on
16:54 <sbeattie> I'll be looking at identifying needed snap updates
16:54 <sbeattie> And I have some background tasks to work on post the apparmor move to gitlab.
16:54 <sbeattie> That'll likely consume my week.
16:55 <sbeattie> tyhicks: back to you.
16:55 <tyhicks> thanks!
16:55 <tyhicks> [TOPIC] Highlighted packages
16:55 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
16:55 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:55 <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/udfclient.html
16:55 <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/pidgin.html
16:55 <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/firebird2.5.html
16:55 <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/tcptrack.html
16:55 <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/git-annex.html
16:55 <tyhicks> [TOPIC] Miscellaneous and Questions
16:55 <tyhicks> Does anyone have any other questions or items to discuss?
17:00 <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson, ratliff, leosilva: Thanks!
17:00 <tyhicks> #endmeeting