16:30 #startmeeting 16:30 Meeting started Mon Jun 11 16:30:14 2018 UTC. The chair is ratliff. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:30 16:30 Available commands: action commands idea info link nick 16:30 The meeting agenda can be found at: 16:30 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:30 [TOPIC] Announcements 16:30 Thanks to Corey Bryant (coreycb) for providing a debdiff for bionic for python-oslo.middleware (LP: #1628031). 16:30 Launchpad bug 1628031 in OpenStack Security Advisory "[OSSA-2017-001] CatchErrors leaks sensitive values in oslo.middleware (CVE-2017-2592)" [High,Fix released] https://launchpad.net/bugs/1628031 16:30 Thanks to Simon Deziel (sdezial) for provided debdiffs for artful and bionic for unbound (LP: #1773720). 16:30 Launchpad bug 1773720 in unbound (Ubuntu Bionic) "CVE-2017-15105" [Undecided,Fix released] https://launchpad.net/bugs/1773720 16:31 Your work is very much appreciated and will keep Ubuntu users secure. Thank you! 16:31 The Ubuntu Security team is hiring. See https://grnh.se/8c0a6c1f1 for more details. 16:31 [TOPIC] Weekly stand-up report 16:31 jdstrand: you're up 16:32 hi! 16:32 This is a short week for me (off friday and all next week). This week I plan to work on: 16:32 * snapd PR reviews 16:32 * go through the anbox design and think through what proper confinement might look like 16:32 * iterate on last open PR (udev trigger) 16:32 that's it from me. mdeslaur, you're up 16:32 * adjust snap-confine to always use a device cgroup 16:32 * pick up review-tools snap USNs phase1/part ii work as have time 16:32 I'm on triage this week 16:33 I'm currently working on a massive imagemagick update 16:33 if anyone wants to help test, packages are building in the security team proposed PPA 16:33 I'm also working on en embargoed issue 16:33 and I'll pick something else from the list after that 16:33 that's it from me 16:33 sbeattie? 16:33 I'm in the happy place this week 16:34 I'm currently working on gnupg/gnupg2 updates 16:34 (they're also available in the security team proposed PPA for testing) 16:34 kernel updates are in the process of being published, will be publishing USNs for those 16:35 I also have amd64-microcode updates to publish once the kernel is out the door 16:35 after that, I have a couple of internal tasks to taek on. 16:35 That will probably consume my week. 16:36 jjohansen: over to you 16:36 I need to get my upstream kernel apparmor pull request out this morning, it was delayed last week because of the idr patch 16:37 and then I really need to focus on apparmor 3, specifically the feature subsetting so that we correctly compile versioned policy to what the kernel supports 16:38 if I get that done, I will move on to what ever other misc apparmor 3 issues need addressed so we can kick it out next week 16:38 sarnold: you are up 16:38 I'm on community this week 16:38 working down the list of MIRs, fprintd and .. related package .. and need to submit presentation topic to debconf 16:38 that's it for me, chrisccoulson? 16:39 (oh yes, reviewing john's patches if he feels it useful) 16:39 I'm currently working on a firefox update 16:39 the thunderbird update I was expecting still hasn't happened, so I'll have to do that if it does 16:40 I triaged all of the spidermonkey CVEs at the end of last week, and I'll probably do an update for that this week 16:40 other than that, I'm still working on getting thunderbird 60 packages building 16:41 I hope I'll have enough time after that to do something else, as it's .... *drum roll* .... rust updates next week 16:41 that's me done 16:42 I'm in the happy place this week. 16:43 This week will be dedicated to internal work. When I get a few spare minutes I will work on triaging wireshark CVEs to ensure they show the actual state. 16:43 leosilva: on to you 16:43 I'm bug-triage this week. 16:43 I'm working on ruby updates. 16:44 I'll also do some cve- searching after ruby to pick other updates 16:44 ratliff: it's back to you. 16:44 thanks, leosilva! 16:44 [TOPIC] Highlighted packages 16:44 The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. 16:44 See http://people.canonical.com/~ubuntu-security/d2u/ for available merges and https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details on preparing Ubuntu security updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:44 [TOPIC] Miscellaneous and Questions 16:44 Does anyone have any other questions or items to discuss? 16:46 jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, chrisccoulson, leosilva: Thanks! 16:46 #endmeeting