[16:32] <tyhicks> hello
[16:32] <mdeslaur> \o
[16:33] <leosilva> o/
[16:33] <tyhicks> #startmeeting
[16:33] <meetingology> Meeting started Mon Oct 30 16:33:18 2017 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
[16:33] <meetingology> Available commands: action commands idea info link nick
[16:33] <tyhicks> The meeting agenda can be found at:
[16:33] <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
[16:33] <tyhicks> [TOPIC] Weekly stand-up report
[16:33] <tyhicks> jdstrand: you're up
[16:33] <jdstrand> hey
[16:33] <jdstrand> * finalize snappy-debug fixes (based on sprint feedback)
[16:33] <jdstrand> * follow through on some policy updates for 2.29
[16:33] <jdstrand> * layouts reviews (as needed)
[16:33] <jdstrand> * various followups for two reported regressions in udev tagging/device cgroups
[16:33] <jdstrand> * verify uhid interface is working correctly after udev tagging
[16:33] <jdstrand> * look into broadcom-asic-control interface bug where interface is not connected if the module doesn't exist
[16:33] <jdstrand> * continue uid/gid seccomp arg filtering as have time
[16:34] <jdstrand> that's what I plan to work on this week ^
[16:34] <jdstrand> mdeslaur: you're up
[16:34] <mdeslaur> I'm on CVE triage this week
[16:34] <mdeslaur> and I'm working on quagga updates
[16:34] <mdeslaur> I'll be picking up something else after that
[16:34] <mdeslaur> that's about it
[16:35] <mdeslaur> sbeattie: you're up
[16:35] <sbeattie> I'm in the happy place this week
[16:35] <sbeattie> I've got a couple leftover tasks from the apparmor online sprint to finish up
[16:36] <sbeattie> kernel updates should be happening this week, so I need to finish some signoff tasks and publish USNs for those
[16:36] <sbeattie> I have openjdk-8 updates from tdaitx to test and publish
[16:36] <sbeattie> after all that, I'll try to pick up another update or two
[16:36] <sbeattie> that's it for me. tyhicks?
[16:37] <tyhicks> sbeattie: I think CVE tracking for snaps should still be a high priority for this week
[16:37] <tyhicks> I'm in the happy place this week
[16:37] <tyhicks> I'm still trying to get to eCryptfs kernel patch review
[16:38] <tyhicks> then I'll start working on squashfs image reproduceability
[16:38] <tyhicks> I also have some embargoed issues
[16:38] <tyhicks> sarnold: you're up (jj is out)
[16:38] <sbeattie> tyhicks: fair point.
[16:39] <tyhicks> sarnold isn't here yet
[16:39] <tyhicks> chrisccoulson: you're up
[16:39] <chrisccoulson> I've got a chromium update to test and publish
[16:40] <chrisccoulson> There was also an unscheduled firefox release last week which I wasn't aware of until after it happened. I'm not sure yet whether to ship that
[16:40] <chrisccoulson> Then I've got to get rust updated to 1.21
[16:40] <leosilva> wee, rust updates.
[16:40] <chrisccoulson> I'd like to think I'd get time to do something else this week, but that hasn't worked very well in recent weeks
[16:41] <chrisccoulson> that's me done
[16:41] <chrisccoulson> leosilva, yeah, fun ;)
[16:41] <ratliff> I'm in the happy place this week.
[16:41] <ratliff> I have some writing assignments. When those are done, I want to work on integrating InfluxDB into our KPIs.
[16:41] <ratliff> on to you, leosilva
[16:42] <leosilva> I'm bug triage this week.
[16:42] <leosilva> I did push some USN this morning
[16:42] <leosilva> I have some bug to investigate in bug triage role
[16:42] <leosilva> besides that I'll do my usual hunting for pkg to update.
[16:42] <leosilva> That's all for me.
[16:42] <leosilva> tyhicks: it's back to you!
[16:43] <tyhicks> thanks!
[16:43] <tyhicks> [TOPIC] Highlighted packages
[16:43] <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
[16:43] <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
[16:43] <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/git-hub.html
[16:43] <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/guacamole-client.html
[16:43] <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/revelation.html
[16:43] <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/ruby-rack.html
[16:43] <tyhicks> Does anyone have any other questions or items to discuss?
[16:43] <tyhicks> https://people.canonical.com/~ubuntu-security/cve/pkg/ettercap.html
[16:43] <tyhicks> [TOPIC] Miscellaneous and Questions
[16:45] <tyhicks> jdstrand, mdeslaur, sbeattie, ChrisCoulson, ratliff, leosilva: Thanks!
[16:45] <sarnold> sorry I'm late, I lost track of time
[16:45] <ratliff> thank you, tyhicks!
[16:45] <tyhicks> #endmeeting
[16:45] <meetingology> Meeting ended Mon Oct 30 16:45:41 2017 UTC.
[16:45] <meetingology> Minutes:        http://ubottu.com/meetingology/logs/ubuntu-meeting/2017/ubuntu-meeting.2017-10-30-16.33.moin.txt
[16:46] <sbeattie> tyhicks: thanks!
[16:46] <tyhicks> sarnold: go ahead and mention your plans for the week and I'll include them in the wiki page
[16:47] <sarnold> tyhicks: community this week, there's the spice-vdagent to finish up, pcp review, apparmor patche review if necessary, and an embargoed issue
[16:47] <sarnold> thanks tyhicks :)
[16:47] <tyhicks> thanks!
[16:50] <mdeslaur> thanks tyhicks