[16:30] <mdeslaur> \o
[16:30] <tyhicks> #startmeeting
[16:30] <meetingology> Meeting started Mon Aug  7 16:30:50 2017 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
[16:30] <meetingology> Available commands: action commands idea info link nick
[16:30] <meetingology`> Meeting started Mon Aug  7 16:30:50 2017 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
[16:30] <meetingology`> Available commands: action commands idea info link nick
[16:30]  * sbeattie waves
[16:30] <chrisccoulson> o/
[16:30] <leosilva> o/
[16:31] <tyhicks> The meeting agenda can be found at:
[16:31] <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
[16:31] <tyhicks> [TOPIC] Announcements
[16:31] <tyhicks> heh, zero meeting bots last week and two meeting bots this week
[16:31] <mdeslaur> oooh! bot fight!
[16:31] <tyhicks> James Lu (tacocat) provided debdiffs for xenial-zesty for gnome-exe-thumbnailer (LP: #651610)
[16:31] <tyhicks> Simon Quigley (tsimonq2) provided debdiffs for trusty-xenial for lxterminal (LP: #1690416)
[16:31] <tyhicks> Simon Quigley (tsimonq2) provided debdiffs for trusty-zesty for pcmanfm (LP: #1708542)
[16:31] <tyhicks> Otto Kekäläinen (otto) provided debdiffs for trusty for mariadb-5.5 (LP: #1705944)
[16:32] <tyhicks> Otto Kekäläinen (otto) provided debdiffs for xenial for mariadb-10.0 (LP: #1698689)
[16:32] <tyhicks> Otto Kekäläinen (otto) provided debdiffs for zesty for mariadb-10.1 (LP: #1698689)
[16:32] <tyhicks> Roger Light (ral) provided debdiffs for trusty-zesty for mosquitto (LP: #1700490)
[16:32] <tyhicks> Thank you for your assistance in keeping Ubuntu users secure! :)
[16:32] <tyhicks> [TOPIC] Weekly stand-up report
[16:32] <tyhicks> jdstrand: you're up
[16:33] <jdstrand> hey
[16:33] <jdstrand> Last week I focused a lot on interface reviews (broadcom-asic-control, udev tagging,kvm, spi, avahi reimplementation. I also coordinated with the Desktop team wrt snaps on 17.10 desktop. I triaged the snapd-interface bugs and picked up the wayland work a bit.
[16:33] <jdstrand> This week I plan to:
[16:33] <jdstrand> - finish going through the wayland interface (this has required quite a bit of investigation wrt interactions with snapd's setting of XDG_RUNTIME_DIR
[16:33] <jdstrand> - be responsive to various snappy PRs and feature discussions (eg, udev tagging, avahi, snapd user/groups, portals, etc)
[16:34] <jdstrand> - perform several PRs against snapd 2.27 for recent PRs that need to be in the next release
[16:34] <jdstrand> - pickup new 'desktop' interface for gnome-shell, plasma and sway as have time
[16:34] <jdstrand> that's it from me
[16:34] <jdstrand> mdeslaur: you're up
[16:34] <mdeslaur> I'm on triage this week
[16:34] <mdeslaur> and I have a couple of updates to publish
[16:34] <mdeslaur> and after down, down the list, as usual
[16:34] <mdeslaur> sbeattie: you're up
[16:34] <sbeattie> I'm in the happy place this week
[16:35] <sbeattie> I have a couple of kernel USNs to publish this morning
[16:35] <sbeattie> I have an embargoed issue on my plate
[16:36] <sbeattie> I'm stll waiting on openjdk-7 from td aitx, but might have that to publish this week
[16:36] <sbeattie> I'll  look at picking up other updates as well
[16:36] <tsimonq2> tyhicks: :D
[16:36] <sbeattie> I also have some apparmor bits and qrt bits to poke at.
[16:37] <sbeattie> that's it for me. tyhicks, over to you...
[16:37] <tyhicks> I'm in the happy place this week
[16:37] <tyhicks> I will finish making changes to seccomp v6 kernel patch set, test, and submit upstream
[16:37] <tyhicks> need to do fscrypt pam module review and packaging
[16:37] <tyhicks> still need to familiarize myself with the latest LSM stacking patch set
[16:37] <tyhicks> I also still need to review jdstrand's snapd users/groups writeup
[16:38] <tyhicks> jjohansen: you're up
[16:38] <jjohansen> I am still working on upstreaming apparmor, specifically the type splitting needed to fixed the stored path issue in our unix domain sockets.
[16:38] <jjohansen> I will be doing some more testing of the LSM stacking kernel, and getting my feedback to Casey
[16:38] <jjohansen> I have some Ralley prep to take care of this week.
[16:39] <jjohansen> and if there is time some misc apparmor test suite issues to poke at
[16:39] <jdstrand> tyhicks: fyi, niemeyer ack'd that the users/groups write-up is accurate which I think is a precursor to his full review/comment
[16:40] <jjohansen> thats it for me sarnold you're up
[16:40] <sarnold> I'm on community this week; also setting up rally travel, and working down the MIRs. Maybe review a patch or two from jjohansen if he think it'd be helpful.
[16:40] <sarnold> that's it for me, chrisccoulson?
[16:40] <chrisccoulson> I've got firefox and chromium updates this week
[16:41] <jjohansen> sarnold: oh yes
[16:41] <chrisccoulson> I'm also in the process of updating rust to 1.19, but I've got an issue with 1.18 first. I imagine this will take up most of my week
[16:41] <chrisccoulson> That's me done
[16:41] <ratliff> I'm in the happy place this week
[16:42] <ratliff> I will be focusing on KPIs for the foreseeable future
[16:42] <ratliff> leosilva: you are up
[16:43] <leosilva> I worked in a couple of update/finished the publishment today morning
[16:43] <leosilva> this week I'm bug triage and also finish triage hope to get some updates too
[16:43] <leosilva> that's it for me
[16:43] <leosilva> tyhicks: it's back to you
[16:44] <leosilva> duh, I mean, soon finish triage*
[16:44]  * tyhicks is catching up
[16:45] <tyhicks> [TOPIC] Highlighted packages
[16:45] <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
[16:45] <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
[16:45] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/unrar-nonfree.html
[16:45] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/yaml-cpp.html
[16:45] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/qpid-proton.html
[16:45] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/freeciv.html
[16:45] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/inspircd.html
[16:45] <tyhicks> [TOPIC] Miscellaneous and Questions
[16:45] <tyhicks> Does anyone have any other questions or items to discuss?
[16:47] <sarnold> probably it's worth adding http://people.canonical.com/~ubuntu-security/cve/pkg/varnish.html to that list, four or so community folks filed bugs but I don't recall seeing any debdiffs http://people.canonical.com/~ubuntu-security/cve/pkg/varnish.html
[16:47] <tyhicks> good thought
[16:48] <tyhicks> I think varnish updates would be more useful than any of the ones I listed
[16:50] <tsimonq2> I can provide debdiffs within the next hour if someone can help me test them.
[16:50] <tsimonq2> Because it's a Universe package right?
[16:50] <tsimonq2> (yes, answered my own question)
[16:51] <tyhicks> tsimonq2: you could post debdiffs, sarnold could sponsor them to the ubuntu-security-proposed PPA, and then we could ask for testing in the bug
[16:51] <tsimonq2> tyhicks: Works for me.
[16:51] <tyhicks> tsimonq2: thanks!
[16:51] <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson, ratliff, leosilva: thank you!
[16:51] <tyhicks> #endmeeting
[16:51] <meetingology> Meeting ended Mon Aug  7 16:51:50 2017 UTC.
[16:51] <meetingology> Minutes:        http://ubottu.com/meetingology/logs/ubuntu-meeting/2017/ubuntu-meeting.2017-08-07-16.30.moin.txt
[16:51] <meetingology`> Meeting ended Mon Aug  7 16:51:50 2017 UTC.
[16:51] <meetingology`> Minutes:        http://ubottu.com/meetingology/logs/ubuntu-meeting/2017/ubuntu-meeting.2017-08-07-16.30.moin.txt
[16:51] <tsimonq2> tyhicks: np, let's follow up in #ubuntu-hardened :)
[16:51] <mdeslaur> thanks tyhicks
[16:51] <jdstrand> thanks tyhicks :)
[16:51] <jjohansen> thanks tyhicks
[16:51] <leosilva> thanks tyhicks!
[16:52] <sarnold> thanks tyhicks!