== Meeting information == * #ubuntu-meeting Meeting, 09 Apr at 16:34 — 16:53 UTC * Full logs at [[http://ubottu.com/meetingology/logs/ubuntu-meeting/2018/ubuntu-meeting.2018-04-09-16.34.log.html]] == Meeting summary == ''LINK:'' https://wiki.ubuntu.com/SecurityTeam/Meeting === Announcements === The discussion about "Announcements" started at 16:34. === Weekly stand-up report === The discussion about "Weekly stand-up report" started at 16:35. * ''LINK:'' https://github.com/ubuntu === Highlighted packages === The discussion about "Highlighted packages" started at 16:47. === Miscellaneous and Questions === The discussion about "Miscellaneous and Questions" started at 16:48. == Vote results == == Done items == * (none) == People present (lines said) == * ratliff (25) * jdstrand (13) * jjohansen (9) * mdeslaur (7) * sbeattie (6) * leosilva (5) * chrisccoulson (5) * jbicha (4) * sarnold (3) * meetingology (3) * ubottu (1) == Full Log == 16:34 #startmeeting 16:34 Meeting started Mon Apr 9 16:34:25 2018 UTC. The chair is ratliff. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:34 16:34 Available commands: action commands idea info link nick 16:34 The meeting agenda can be found at: 16:34 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:34 [TOPIC] Announcements 16:35 We have no announcements this week. 16:35 [TOPIC] Weekly stand-up report 16:35 jdstrand: you're up 16:36 \o 16:37 mdeslaur: why don't you go ahead. it looks like jdstrand is still wrapping up from a previous discussion 16:37 I'm on bug triage this week 16:37 I'm working on publishing some updates 16:37 at the moment 16:37 sorry, I'm here. I'll go after mdeslaur 16:37 and I have a couple of embargoed issues to look at 16:37 if I have time, I'll pick something else off the list 16:37 that's about it, jdstrand, you're up 16:37 https://github.com/ubuntu 16:38 let me try that again 16:38 This week I plan to work on: 16:38 - finish up miscellaneous updates branches for snapd (should be done this morning) 16:38 - enabling resquashfs enforcement in the review tools 16:38 - snap/usn notification (will start today) 16:38 - attend to high priority snapd reviews 16:38 - address conntrack deprecation issues in ufw for 18.04 SRU as have time 16:38 ratliff: note on the last point, I'm going to fix in SRU rather than release 16:39 jdstrand: ack 16:39 ratliff: it requires a bit of work to do correctly and I got pulled aside in different ways last week 16:39 I worked on it, but not enough to have it ready for release 16:39 sbeattie: you're up 16:39 I'm on cve triage this week 16:40 I also have a bunch of kernel cve triage and signoffs to look at 16:40 I'm still working on the gcc-4.6 retpoline backport. 16:40 I also have a kernel qrt issue for bionic's kernel to sort out. 16:41 if I have time, I'll pick up an update. 16:41 that's it for me. sarnold, I think you're next? 16:42 I'm in the happy place this week, running down the MIRs 16:42 pv at the moment, I think socat up next 16:42 that's it for me, chrisccoulson I think? 16:43 I'm expecting to have to do another thunderbird update this week 16:43 I've also got a couple of embargoed issues 16:44 I also plan to go through and triage all of the spidermonkey CVEs 16:44 I need to get python3.5 backported to trusty, as well as work on rust 1.25 updates, so I'm not too hopeful about being able to do anything fun this week 16:45 I think that's me done 16:45 I'm in the happy place this week. 16:45 I need to load the CVE triage data since January into Influx for the kpis. 16:45 I have some internal work to do. 16:46 I have sprint prep work. 16:46 leosilva: you are up 16:46 I'm community this week. 16:46 I have a patch update to work 16:46 Also a ruby cve triage/research before follow with ruby`s rounds 2 update 16:46 other than that I'll hunting and grab new pkgs to udpate 16:47 ratliff: it's back to you 16:47 I guess I'll squeeze in last 16:47 this week I am working on 16:47 - finishing up with LSM stacking work for bionic 16:47 - backporting all existing apparmor bug fixes for bionic 16:47 - the 4.17 apparmor pull request 16:47 - working on bug 1679704 16:47 - finishing up with the 2.13 changes for suse 16:47 - once that is done maybe I can start poking at the prompt mode work 16:47 bug 1679704 in apparmor (Ubuntu) "libvirt profile is blocking global setrlimit despite having no rlimit rule" [Critical,In progress] https://launchpad.net/bugs/1679704 16:47 ratliff: back to you 16:47 thanks, jjohansen! 16:47 [TOPIC] Highlighted packages 16:48 The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. 16:48 See http://people.canonical.com/~ubuntu-security/d2u/ for available merges and https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details on preparing Ubuntu security updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:48 [TOPIC] Miscellaneous and Questions 16:48 Does anyone have any other questions or items to discuss? 16:51 y'all decided against doing a bionic archive-rebuild for spectre mitigation, right? 16:51 jbicha: yes 16:51 the performance regression was too high for a questionable security return 16:52 performance regression? are only certain whitelisted packages using repotline? 16:52 anyway, I don't want to hold up your meeting 16:53 jbicha: we can discuss in #ubuntu-hardened 16:53 jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, chrisccoulson, leosilva: Thanks! 16:53 sure, thanks 16:53 #endmeeting Generated by MeetBot 0.1.5 (http://wiki.ubuntu.com/meetingology)