| === maclin1 is now known as maclin | ||
| === fabo_ is now known as fabo | ||
| === apw_ is now known as apw | ||
| === fnordahl_ is now known as fnordahl | ||
| === ogra_ is now known as ogra | ||
| === marcoceppi_ is now known as marcoceppi | ||
| === fginther` is now known as fginther | ||
| mdeslaur | \o | 16:30 |
|---|---|---|
| tyhicks | #startmeeting | 16:30 |
| meetingology | Meeting started Mon Aug 7 16:30:50 2017 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. | 16:30 |
| meetingology | Available commands: action commands idea info link nick | 16:30 |
| meetingology` | Meeting started Mon Aug 7 16:30:50 2017 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. | 16:30 |
| meetingology` | Available commands: action commands idea info link nick | 16:30 |
| * sbeattie waves | 16:30 | |
| chrisccoulson | o/ | 16:30 |
| leosilva | o/ | 16:30 |
| tyhicks | The meeting agenda can be found at: | 16:31 |
| tyhicks | [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting | 16:31 |
| tyhicks | [TOPIC] Announcements | 16:31 |
| === meetingology changed the topic of #ubuntu-meeting to: Announcements | ||
| === meetingology` changed the topic of #ubuntu-meeting to: Announcements | ||
| tyhicks | heh, zero meeting bots last week and two meeting bots this week | 16:31 |
| mdeslaur | oooh! bot fight! | 16:31 |
| tyhicks | James Lu (tacocat) provided debdiffs for xenial-zesty for gnome-exe-thumbnailer (LP: #651610) | 16:31 |
| ubottu | Launchpad bug 651610 in gnome-exe-thumbnailer (Ubuntu) "[CVE-2017-11421] Version number for .msi thumbnail is obtained from unreliable source" [Critical,Fix released] https://launchpad.net/bugs/651610 | 16:31 |
| tyhicks | Simon Quigley (tsimonq2) provided debdiffs for trusty-xenial for lxterminal (LP: #1690416) | 16:31 |
| ubottu | Launchpad bug 1690416 in lxterminal (Ubuntu Artful) "[CVE] socket can be blocked by another user" [Undecided,Fix released] https://launchpad.net/bugs/1690416 | 16:31 |
| tyhicks | Simon Quigley (tsimonq2) provided debdiffs for trusty-zesty for pcmanfm (LP: #1708542) | 16:31 |
| ubottu | Launchpad bug 1708542 in pcmanfm (Ubuntu Zesty) "Fix potential access violation, use runtime user dir instead of tmp dir" [Undecided,Fix released] https://launchpad.net/bugs/1708542 | 16:31 |
| tyhicks | Otto Kekäläinen (otto) provided debdiffs for trusty for mariadb-5.5 (LP: #1705944) | 16:31 |
| ubottu | Launchpad bug 1705944 in mariadb-5.5 (Ubuntu) "USN-3357-1: partially applies to MariaDB too" [Medium,Fix released] https://launchpad.net/bugs/1705944 | 16:31 |
| tyhicks | Otto Kekäläinen (otto) provided debdiffs for xenial for mariadb-10.0 (LP: #1698689) | 16:32 |
| ubottu | Launchpad bug 1698689 in mariadb-10.1 (Ubuntu Artful) "USN-3269-1: partially applies to MariaDB too" [Undecided,New] https://launchpad.net/bugs/1698689 | 16:32 |
| tyhicks | Otto Kekäläinen (otto) provided debdiffs for zesty for mariadb-10.1 (LP: #1698689) | 16:32 |
| tyhicks | Roger Light (ral) provided debdiffs for trusty-zesty for mosquitto (LP: #1700490) | 16:32 |
| ubottu | Launchpad bug 1700490 in mosquitto (Ubuntu) "Persistence file is world readable" [Undecided,Fix released] https://launchpad.net/bugs/1700490 | 16:32 |
| tyhicks | Thank you for your assistance in keeping Ubuntu users secure! :) | 16:32 |
| tyhicks | [TOPIC] Weekly stand-up report | 16:32 |
| === meetingology changed the topic of #ubuntu-meeting to: Weekly stand-up report | ||
| === meetingology` changed the topic of #ubuntu-meeting to: Weekly stand-up report | ||
| tyhicks | jdstrand: you're up | 16:32 |
| jdstrand | hey | 16:33 |
| jdstrand | Last week I focused a lot on interface reviews (broadcom-asic-control, udev tagging,kvm, spi, avahi reimplementation. I also coordinated with the Desktop team wrt snaps on 17.10 desktop. I triaged the snapd-interface bugs and picked up the wayland work a bit. | 16:33 |
| jdstrand | This week I plan to: | 16:33 |
| jdstrand | - finish going through the wayland interface (this has required quite a bit of investigation wrt interactions with snapd's setting of XDG_RUNTIME_DIR | 16:33 |
| jdstrand | - be responsive to various snappy PRs and feature discussions (eg, udev tagging, avahi, snapd user/groups, portals, etc) | 16:33 |
| jdstrand | - perform several PRs against snapd 2.27 for recent PRs that need to be in the next release | 16:34 |
| jdstrand | - pickup new 'desktop' interface for gnome-shell, plasma and sway as have time | 16:34 |
| jdstrand | that's it from me | 16:34 |
| jdstrand | mdeslaur: you're up | 16:34 |
| mdeslaur | I'm on triage this week | 16:34 |
| mdeslaur | and I have a couple of updates to publish | 16:34 |
| mdeslaur | and after down, down the list, as usual | 16:34 |
| mdeslaur | sbeattie: you're up | 16:34 |
| sbeattie | I'm in the happy place this week | 16:34 |
| sbeattie | I have a couple of kernel USNs to publish this morning | 16:35 |
| sbeattie | I have an embargoed issue on my plate | 16:35 |
| sbeattie | I'm stll waiting on openjdk-7 from td aitx, but might have that to publish this week | 16:36 |
| sbeattie | I'll look at picking up other updates as well | 16:36 |
| tsimonq2 | tyhicks: :D | 16:36 |
| sbeattie | I also have some apparmor bits and qrt bits to poke at. | 16:36 |
| sbeattie | that's it for me. tyhicks, over to you... | 16:37 |
| tyhicks | I'm in the happy place this week | 16:37 |
| tyhicks | I will finish making changes to seccomp v6 kernel patch set, test, and submit upstream | 16:37 |
| tyhicks | need to do fscrypt pam module review and packaging | 16:37 |
| tyhicks | still need to familiarize myself with the latest LSM stacking patch set | 16:37 |
| tyhicks | I also still need to review jdstrand's snapd users/groups writeup | 16:37 |
| tyhicks | jjohansen: you're up | 16:38 |
| jjohansen | I am still working on upstreaming apparmor, specifically the type splitting needed to fixed the stored path issue in our unix domain sockets. | 16:38 |
| jjohansen | I will be doing some more testing of the LSM stacking kernel, and getting my feedback to Casey | 16:38 |
| jjohansen | I have some Ralley prep to take care of this week. | 16:38 |
| jjohansen | and if there is time some misc apparmor test suite issues to poke at | 16:39 |
| jdstrand | tyhicks: fyi, niemeyer ack'd that the users/groups write-up is accurate which I think is a precursor to his full review/comment | 16:39 |
| jjohansen | thats it for me sarnold you're up | 16:40 |
| sarnold | I'm on community this week; also setting up rally travel, and working down the MIRs. Maybe review a patch or two from jjohansen if he think it'd be helpful. | 16:40 |
| sarnold | that's it for me, chrisccoulson? | 16:40 |
| chrisccoulson | I've got firefox and chromium updates this week | 16:40 |
| jjohansen | sarnold: oh yes | 16:41 |
| chrisccoulson | I'm also in the process of updating rust to 1.19, but I've got an issue with 1.18 first. I imagine this will take up most of my week | 16:41 |
| chrisccoulson | That's me done | 16:41 |
| ratliff | I'm in the happy place this week | 16:41 |
| ratliff | I will be focusing on KPIs for the foreseeable future | 16:42 |
| ratliff | leosilva: you are up | 16:42 |
| leosilva | I worked in a couple of update/finished the publishment today morning | 16:43 |
| leosilva | this week I'm bug triage and also finish triage hope to get some updates too | 16:43 |
| leosilva | that's it for me | 16:43 |
| leosilva | tyhicks: it's back to you | 16:43 |
| leosilva | duh, I mean, soon finish triage* | 16:44 |
| * tyhicks is catching up | 16:44 | |
| tyhicks | [TOPIC] Highlighted packages | 16:45 |
| === meetingology changed the topic of #ubuntu-meeting to: Highlighted packages | ||
| === meetingology` changed the topic of #ubuntu-meeting to: Highlighted packages | ||
| tyhicks | The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. | 16:45 |
| tyhicks | See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. | 16:45 |
| tyhicks | http://people.canonical.com/~ubuntu-security/cve/pkg/unrar-nonfree.html | 16:45 |
| tyhicks | http://people.canonical.com/~ubuntu-security/cve/pkg/yaml-cpp.html | 16:45 |
| tyhicks | http://people.canonical.com/~ubuntu-security/cve/pkg/qpid-proton.html | 16:45 |
| tyhicks | http://people.canonical.com/~ubuntu-security/cve/pkg/freeciv.html | 16:45 |
| tyhicks | http://people.canonical.com/~ubuntu-security/cve/pkg/inspircd.html | 16:45 |
| tyhicks | [TOPIC] Miscellaneous and Questions | 16:45 |
| === meetingology changed the topic of #ubuntu-meeting to: Miscellaneous and Questions | ||
| === meetingology` changed the topic of #ubuntu-meeting to: Miscellaneous and Questions | ||
| tyhicks | Does anyone have any other questions or items to discuss? | 16:45 |
| sarnold | probably it's worth adding http://people.canonical.com/~ubuntu-security/cve/pkg/varnish.html to that list, four or so community folks filed bugs but I don't recall seeing any debdiffs http://people.canonical.com/~ubuntu-security/cve/pkg/varnish.html | 16:47 |
| tyhicks | good thought | 16:47 |
| tyhicks | I think varnish updates would be more useful than any of the ones I listed | 16:48 |
| tsimonq2 | I can provide debdiffs within the next hour if someone can help me test them. | 16:50 |
| tsimonq2 | Because it's a Universe package right? | 16:50 |
| tsimonq2 | (yes, answered my own question) | 16:50 |
| tyhicks | tsimonq2: you could post debdiffs, sarnold could sponsor them to the ubuntu-security-proposed PPA, and then we could ask for testing in the bug | 16:51 |
| tsimonq2 | tyhicks: Works for me. | 16:51 |
| tyhicks | tsimonq2: thanks! | 16:51 |
| tyhicks | jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson, ratliff, leosilva: thank you! | 16:51 |
| tyhicks | #endmeeting | 16:51 |
| === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds: Please leave swords by the door | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendars | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology | ||
| meetingology | Meeting ended Mon Aug 7 16:51:50 2017 UTC. | 16:51 |
| meetingology | Minutes: http://ubottu.com/meetingology/logs/ubuntu-meeting/2017/ubuntu-meeting.2017-08-07-16.30.moin.txt | 16:51 |
| === meetingology` changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds: Please leave swords by the door | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendars | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology | ||
| meetingology` | Meeting ended Mon Aug 7 16:51:50 2017 UTC. | 16:51 |
| meetingology` | Minutes: http://ubottu.com/meetingology/logs/ubuntu-meeting/2017/ubuntu-meeting.2017-08-07-16.30.moin.txt | 16:51 |
| tsimonq2 | tyhicks: np, let's follow up in #ubuntu-hardened :) | 16:51 |
| mdeslaur | thanks tyhicks | 16:51 |
| jdstrand | thanks tyhicks :) | 16:51 |
| jjohansen | thanks tyhicks | 16:51 |
| leosilva | thanks tyhicks! | 16:51 |
| sarnold | thanks tyhicks! | 16:52 |
| === meetingology` is now known as meetingology | ||
| === JanC__ is now known as JanC | ||
| === meetingology` is now known as meetingology | ||
| === meetingology` is now known as meetingology | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!