| === phunyguy is now known as phunyguys | ||
| === phunyguys is now known as phunyguy | ||
| === maclin1 is now known as maclin | ||
| === maclin1 is now known as maclin | ||
| === fnordahl_ is now known as fnordahl | ||
| tyhicks | hello | 16:31 |
|---|---|---|
| mdeslaur | \o | 16:31 |
| tyhicks | #startmeeting | 16:31 |
| meetingology | Meeting started Mon Mar 6 16:31:39 2017 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. | 16:31 |
| meetingology | Available commands: action commands idea info link nick | 16:31 |
| tyhicks | The meeting agenda can be found at: | 16:31 |
| tyhicks | [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting | 16:31 |
| tyhicks | [TOPIC] Announcements | 16:31 |
| === meetingology changed the topic of #ubuntu-meeting to: Announcements | ||
| tyhicks | Jeremy Bicha (jbicha) provided debdiffs for xenial-yakkety for iio-sensor-proxy (LP: #1666358) | 16:31 |
| ubottu | Launchpad bug 1666358 in iio-sensor-proxy (Ubuntu Yakkety) "iio-sensor-proxy: Insecure configuration of dbus service" [High,Fix released] https://launchpad.net/bugs/1666358 | 16:32 |
| tyhicks | Vishnu Naini (visred) provided debdiffs for xenial-yakkety for kde4libs and kio (LP: #1668871) | 16:32 |
| ubottu | Launchpad bug 1668871 in kde4libs (Ubuntu Trusty) "kio: Information Leak when accessing https when using a malicious PAC file" [Undecided,New] https://launchpad.net/bugs/1668871 | 16:32 |
| tyhicks | Thank you for your assistance in keeping Ubuntu users secure! :) | 16:32 |
| tyhicks | [TOPIC] Weekly stand-up report | 16:32 |
| === meetingology changed the topic of #ubuntu-meeting to: Weekly stand-up report | ||
| tyhicks | jdstrand: you're up | 16:32 |
| * mdeslaur poked jdstrand with sharp stick | 16:35 | |
| mdeslaur | meh, I'll go | 16:35 |
| mdeslaur | I'm in the happy place this week | 16:35 |
| tyhicks | thanks | 16:35 |
| mdeslaur | I'm currently working on an embargoed issue | 16:35 |
| mdeslaur | and I have imagemagick updates to test and release | 16:36 |
| mdeslaur | if I have time left over, I need to do the gigantic apache2 backport | 16:36 |
| mdeslaur | that's about it | 16:36 |
| mdeslaur | sbeattie: tag | 16:36 |
| sbeattie | I'm on community this week | 16:36 |
| sbeattie | I have one embargoed issue partially on my plate and may have a second, pending discussion | 16:37 |
| jdstrand | sorry, hard crash due to intel driver issue | 16:37 |
| tyhicks | jdstrand: bummer - you can go next after Steve | 16:37 |
| sbeattie | I'm also working on glibc updates | 16:37 |
| sbeattie | after that I'll look at the list of updates needed | 16:38 |
| sbeattie | that's pretty much it for me. jdstrand? | 16:38 |
| jdstrand | short week (off thursday, back friday, off next week) | 16:38 |
| jdstrand | last week I did a bunch of reviews, did some simple policy updates and continued on netlink mediation as part of seccomp arg filtering (phase 1 PR is up for review). Note that all seccomp arg filtering branches are blocked on a PR for something called snap-confine reexec. I'm just allowing them to queue up and following up with the snappy team on that PR | 16:38 |
| jdstrand | This week I plan to: | 16:38 |
| jdstrand | review tools updates for recent issues | 16:38 |
| jdstrand | PR and store reviews | 16:38 |
| jdstrand | more policy updates, especially surrounding mir on dragonboard (some issues were reported on this that I need to look into) | 16:38 |
| jdstrand | continue with seccomp arg filtering (eg, continue 'users and groups' PR and phase 2 netlink mediation) as have time | 16:38 |
| jdstrand | that's it for me | 16:38 |
| tyhicks | I'm on bug triage this week | 16:40 |
| tyhicks | Jamie and I (mostly Jamie) came up with a good design for a technical blocker of the seccomp patches | 16:41 |
| tyhicks | I need to propose that to upstream and start working on a new patch to implement the feature | 16:41 |
| tyhicks | I still have a design review to do | 16:41 |
| tyhicks | and I have 1-2 embargoed issues | 16:41 |
| tyhicks | that's it for me | 16:41 |
| tyhicks | jjohansen: you're up | 16:41 |
| tyhicks | he may not be around | 16:43 |
| tyhicks | sarnold: go ahead | 16:43 |
| sarnold | I'm on cve triage this week | 16:43 |
| sarnold | I'd very much like to finish up the shadow usn and lasso mir | 16:43 |
| sarnold | and probably some patch reviwes | 16:44 |
| sarnold | that's it for me, chrisccoulson? | 16:44 |
| chrisccoulson | I've got a firefox update to do this week | 16:44 |
| chrisccoulson | I also need to get thunderbird ready | 16:45 |
| chrisccoulson | I made a start revewing one of the big oxide merge proposals last week, and I need to finish that | 16:45 |
| chrisccoulson | Also, I need to get cargo bootstrapped everywhere, but that's slightly more difficult than I anticipated | 16:46 |
| chrisccoulson | other than that, I'll be working on oxide stuff as usual | 16:46 |
| chrisccoulson | that's me done | 16:46 |
| ratliff | I'm in the happy place this week | 16:47 |
| ratliff | I'll be looking at the notification task some more | 16:47 |
| ratliff | I have a variety of internal tasks (sizings, etc) to do | 16:47 |
| ratliff | If I have additional time, I'll continue working on updates for vivid based core and touch | 16:48 |
| ratliff | back to you tyhicks | 16:48 |
| tyhicks | thanks! | 16:48 |
| tyhicks | [TOPIC] Highlighted packages | 16:48 |
| === meetingology changed the topic of #ubuntu-meeting to: Highlighted packages | ||
| tyhicks | The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. | 16:48 |
| tyhicks | See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. | 16:48 |
| tyhicks | See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. | 16:48 |
| tyhicks | oops | 16:49 |
| tyhicks | See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. | 16:49 |
| tyhicks | wut | 16:49 |
| tyhicks | http://people.canonical.com/~ubuntu-security/cve/pkg/midgard2-core.html | 16:49 |
| tyhicks | http://people.canonical.com/~ubuntu-security/cve/pkg/libquicktime.html | 16:49 |
| tyhicks | http://people.canonical.com/~ubuntu-security/cve/pkg/steam.html | 16:49 |
| tyhicks | http://people.canonical.com/~ubuntu-security/cve/pkg/gpw.html | 16:49 |
| tyhicks | http://people.canonical.com/~ubuntu-security/cve/pkg/revelation.html | 16:49 |
| tyhicks | [TOPIC] Miscellaneous and Questions | 16:49 |
| === meetingology changed the topic of #ubuntu-meeting to: Miscellaneous and Questions | ||
| tyhicks | Does anyone have any other questions or items to discuss? | 16:49 |
| tyhicks | jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson, ratliff: Thanks! | 16:51 |
| tyhicks | #endmeeting | 16:51 |
| === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds: Please leave swords by the door | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendars | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology | ||
| meetingology | Meeting ended Mon Mar 6 16:51:57 2017 UTC. | 16:51 |
| meetingology | Minutes: http://ubottu.com/meetingology/logs/ubuntu-meeting/2017/ubuntu-meeting.2017-03-06-16.31.moin.txt | 16:51 |
| sarnold | thanks tyhicks! | 16:52 |
| mdeslaur | thanks tyhicks | 16:52 |
| ratliff | thank you tyhicks! | 16:52 |
| sbeattie | tyhicks: thanks! | 16:52 |
| === maclin1 is now known as maclin | ||
| jdstrand | thanks tyhicks :) | 17:09 |
| === dosaboy_ is now known as dosaboy | ||
| === noy_ is now known as noy | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!