[16:41] <tyhicks> hello
[16:41] <jjohansen> \o
[16:41] <mdeslaur> hi tyhicks
[16:41] <tyhicks> #startmeeting
[16:41] <meetingology> Meeting started Mon Nov 14 16:41:13 2016 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
[16:41] <meetingology> Available commands: action commands idea info link nick
[16:41] <jdstrand> hello
[16:41] <tyhicks> The meeting agenda can be found at:
[16:41] <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
[16:41] <tyhicks> [TOPIC] Weekly stand-up report
[16:41] <tyhicks> jdstrand: you're up
[16:41] <jdstrand> this week:
[16:41] <jdstrand> finalize various snappy interface PR reviews (I'm waiting on feedback)
[16:41] <jdstrand> address feedback in 32bit binaries on 64bit snap-confine PR
[16:41] <jdstrand> various snappy policy updates
[16:41] <jdstrand> pick up dbus-app PR now that the snappy team is back
[16:42] <jdstrand> start poking at network-namespace interface
[16:42] <jdstrand> if have time, start implementing seccomp arg filtering policy that uses the arg filtering feature we implemented a long time ago
[16:42] <jdstrand> that's it from me
[16:43] <mdeslaur> looks like sbeattie isn't here, so I'll go next
[16:43] <mdeslaur> I'm on bug triage this week
[16:43] <tyhicks> you're always second :)
[16:43] <mdeslaur> oh, hrm, right
[16:43] <mdeslaur> off-by-one
[16:43] <mdeslaur> I'm on bug triage this week
[16:43] <mdeslaur> and I'm still working on ImageMagick
[16:44] <mdeslaur> and I'm off on friday
[16:44] <mdeslaur> and...that's all folks
[16:44] <mdeslaur> err...who's after sbeattie?
[16:44] <tyhicks> looks like sbeattie isn't here, so I'll go next
[16:44] <mdeslaur> hehehe
[16:44] <tyhicks> I'm in the happy place this week
[16:45] <tyhicks> I've got some SRU team followup to do on the apparmor 14.04 SRU
[16:45] <tyhicks> there's an eCryptfs issue that I need to at least look into
[16:45] <tyhicks> and hopefully I can get a start on seccomp logging changes for snappy
[16:46] <tyhicks> that's it for me
[16:46] <tyhicks> jjohansen: go ahead
[16:46] <tyhicks> oh, I had one more thing for snaps on 14.04
[16:46] <tyhicks> I need to backport dbus unrequested reply protections to 14.04's dbus
[16:47] <tyhicks> that's really it for me this time
[16:47] <jjohansen> 'm working on bugs,
[16:47] <jjohansen> I have the unix domain socket cross ns issue to do more testing on,
[16:47] <jjohansen> the noisy logging of apparmor/.null files,
[16:47] <jjohansen> several memory leaks due to reference counting,
[16:47] <jjohansen> hopefully I'll have more info on 100026726
[16:47] <jjohansen> and I also have ADT test failures to look into more
[16:49] <jjohansen> and if I get time, upstreaming work
[16:49] <jjohansen> thats it for me
[16:49] <jjohansen> sarnold: you're up
[16:50] <sarnold> I'm in the happy place this week
[16:50] <sarnold> and finally things feel back to normal after travels, so I'll probably return to the backlog of MIRs
[16:51] <sarnold> that ought to be enough to keep me busy until the next release or sprint, so that's it for me :)
[16:51] <sarnold> chrisccoulson?
[16:51] <tyhicks> good idea before the next wave come in
[16:51] <chrisccoulson> I've got a firefox update this week, and I also need to do a new oxide release
[16:51] <chrisccoulson> I'll hopefully be carrying on with https://blueprints.launchpad.net/oxide/+spec/ubuntu-webview-implementation, although I'm currently bogged down with investigating a crash at the moment
[16:52] <chrisccoulson> I think that's pretty much me done
[16:52] <tyhicks> thanks chrisccoulson
[16:52] <tyhicks> sbeattie: go ahead
[16:52] <sbeattie> I'm on cve triage this week
[16:52] <sbeattie> I have openjdk-7 updates to test from tdaitx, and I need to finish up the python updates I was working on
[16:53] <sbeattie> I have kernel signoffs to do, and some tooling work to do around the kernel update process as well
[16:53] <sbeattie> I need to get back to apparmor stuff, too
[16:53] <sbeattie> that's probably more than enough for this week
[16:53] <sbeattie> tyhicks: back to you
[16:54] <tyhicks> thanks
[16:54] <tyhicks> [TOPIC] Highlighted packages
[16:54] <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
[16:54] <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
[16:54] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/node-ws.html
[16:54] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/tomboy.html
[16:54] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/wss4j.html
[16:54] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/jquery-jplayer.html
[16:54] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/flatnuke.html
[16:54] <tyhicks> [TOPIC] Miscellaneous and Questions
[16:54] <tyhicks> Does anyone have any other questions or items to discuss?
[16:56] <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson: Thanks!
[16:56] <tyhicks> #endmeeting
[16:56] <meetingology> Meeting ended Mon Nov 14 16:56:29 2016 UTC.
[16:56] <meetingology> Minutes:        http://ubottu.com/meetingology/logs/ubuntu-meeting/2016/ubuntu-meeting.2016-11-14-16.41.moin.txt
[16:56] <sbeattie> tyhicks: thanks!
[16:56] <jjohansen> thanks tyhicks
[16:56] <sarnold> thanks tyhicks!
[16:59] <mdeslaur> thanks tyhicks