| tyhicks | hello! | 16:31 |
|---|---|---|
| leosilva | o/ | 16:31 |
| chrisccoulson | whoop | 16:31 |
| * sbeattie waves | 16:31 | |
| tyhicks | #startmeeting | 16:31 |
| meetingology | Meeting started Mon Nov 27 16:31:45 2017 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. | 16:31 |
| meetingology | Available commands: action commands idea info link nick | 16:31 |
| tyhicks | The meeting agenda can be found at: | 16:31 |
| tyhicks | [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting | 16:31 |
| tyhicks | [TOPIC] Announcements | 16:31 |
| === meetingology changed the topic of #ubuntu-meeting to: Announcements | ||
| mdeslaur | \o | 16:32 |
| tyhicks | Simon Quigley (tsimonq2) provided debdiffs for trusty-artful for konversation (LP: #1731797) | 16:32 |
| ubottu | Launchpad bug 1731797 in Kubuntu PPA "[CVE] Crash in IRC message parsing" [High,In progress] https://launchpad.net/bugs/1731797 | 16:32 |
| tyhicks | Thank you for your assistance in keeping Ubuntu users secure! :) | 16:32 |
| tyhicks | [TOPIC] Weekly stand-up report | 16:32 |
| === meetingology changed the topic of #ubuntu-meeting to: Weekly stand-up report | ||
| tyhicks | jdstrand: you're up | 16:32 |
| tyhicks | mdeslaur: go ahead | 16:34 |
| mdeslaur | I'm in the happy place this week | 16:34 |
| mdeslaur | I have three updates I'm about to release, including the remote code execution issue found in exim this weekend | 16:35 |
| mdeslaur | we have exim compiled with PIE, so I don't think we have code execution | 16:35 |
| mdeslaur | but updates are ready anyway | 16:35 |
| mdeslaur | after that, I'll pick something up from the list, if leosilva left me any | 16:35 |
| mdeslaur | that's about it | 16:35 |
| mdeslaur | sbeattie: you're up | 16:35 |
| leosilva | hehe | 16:35 |
| sbeattie | I'm also in the happy place this week | 16:35 |
| sbeattie | My primary focus is on CVE notifications for snap owners | 16:36 |
| sbeattie | I have an openjdk-7 update from td daitx to test and publish | 16:36 |
| sbeattie | I have some upstream apparmor tasks open | 16:36 |
| * jdstrand is here (sorry) | 16:37 | |
| sbeattie | and I have the usual bits of kernel cve triage to watch over. | 16:37 |
| sbeattie | that's probably my week. | 16:37 |
| sbeattie | jdstrand: you want to jump in? | 16:37 |
| tyhicks | jdstrand: go ahead | 16:37 |
| jdstrand | yeah | 16:37 |
| jdstrand | This week I am focusing on: | 16:37 |
| jdstrand | * email catchup from short week last week | 16:37 |
| jdstrand | * fix a review tools/store bug | 16:37 |
| jdstrand | * snapd PR reviews | 16:37 |
| jdstrand | * pickup the ssh/gpg interfaces PR | 16:37 |
| jdstrand | * investigate/implement proper fix for hotplugged devices not being added to device cgroup (mir input forum issue) | 16:37 |
| jdstrand | * investigate tun/tap intermittent spread failure as have time | 16:37 |
| jdstrand | * add kmod spread test as have time | 16:37 |
| jdstrand | * uid/gid privilege dropping as have time | 16:37 |
| jdstrand | * everything from ssh/gpg and after might change depending on an embargoed issue I might be asked to help with | 16:37 |
| jdstrand | that's it from me. back to you tyhicks :) | 16:37 |
| tyhicks | I'm on community this week | 16:39 |
| tyhicks | I'll be catching up on email from being off all last week | 16:39 |
| tyhicks | I have several things that I need to nudge along this week but shouldn't require any real work on my side (snapd seccomp logging PR, libseccomp xenial SRU, audit SRUs, libseccomp-golang upstream PR) | 16:40 |
| tyhicks | I plan to focus on reproducable squashfs images | 16:41 |
| tyhicks | there are two more ecryptfs kernel fixes that need to go into a 4.15 -rc release so I'll get to them as I have time | 16:41 |
| tyhicks | that's it for me | 16:41 |
| tyhicks | jj is out | 16:41 |
| tyhicks | sarnold: you're up | 16:41 |
| sarnold | I'm on cve triage this week, and getting caught up on whatever I missed while enjoying a nice long weekend | 16:44 |
| sarnold | apparmor patch reviews as I can, and finishing the embargoed review, starting on the next MIR on the list | 16:44 |
| sarnold | that should cover me, chrisccoulson? | 16:44 |
| chrisccoulson | I've got a thunderbird update to do this week (started already), and a firefox publication to finish off | 16:45 |
| chrisccoulson | And then rust and cargo updates. I'm reasonably optimistic this one will go better than the last, and it shouldn't be too difficult | 16:46 |
| chrisccoulson | I also need to figure out how hard it is to backport python versions for the firefox build | 16:46 |
| tyhicks | how many weeks before that's needed? | 16:47 |
| chrisccoulson | tyhicks, python or rust? | 16:47 |
| tyhicks | chrisccoulson: python' | 16:47 |
| chrisccoulson | tyhicks, march for the actual release | 16:47 |
| chrisccoulson | but anytime now for trunk | 16:48 |
| tyhicks | ack, glad you're thinking about it this early | 16:48 |
| chrisccoulson | And then hopefully I'll have some time left to look at other things, finally | 16:48 |
| chrisccoulson | that's me done | 16:48 |
| tyhicks | ratliff: your turn | 16:48 |
| ratliff | I'm on bug triage this week | 16:49 |
| ratliff | After that I will continue to be focused on internal tasks. | 16:49 |
| ratliff | on to you leosilva | 16:49 |
| leosilva | I`m the happy place this week | 16:49 |
| leosilva | I also will have a short week (Tuesday is my Friday) | 16:49 |
| leosilva | I have a postgresql-common to work and USN and some python that I'm waiting to push to ppas. | 16:50 |
| leosilva | I also want to hunt some pkg and push in my list of TODO. | 16:50 |
| leosilva | that ` all, tyhicks it is back to you | 16:50 |
| tyhicks | thanks | 16:51 |
| tyhicks | [TOPIC] Highlighted packages | 16:51 |
| === meetingology changed the topic of #ubuntu-meeting to: Highlighted packages | ||
| tyhicks | The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. | 16:51 |
| tyhicks | See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. | 16:51 |
| tyhicks | https://people.canonical.com/~ubuntu-security/cve/pkg/python-rsa.html | 16:51 |
| tyhicks | https://people.canonical.com/~ubuntu-security/cve/pkg/percona-xtrabackup.html | 16:51 |
| tyhicks | https://people.canonical.com/~ubuntu-security/cve/pkg/libpgf.html | 16:51 |
| tyhicks | [TOPIC] Miscellaneous and Questions | 16:51 |
| === meetingology changed the topic of #ubuntu-meeting to: Miscellaneous and Questions | ||
| tyhicks | https://people.canonical.com/~ubuntu-security/cve/pkg/python3.7.html | 16:51 |
| tyhicks | Does anyone have any other questions or items to discuss? | 16:51 |
| tyhicks | https://people.canonical.com/~ubuntu-security/cve/pkg/xine-ui.html | 16:51 |
| tyhicks | jdstrand, mdeslaur, sbeattie, sarnold, ChrisCoulson, ratliff, leosilva: Thanks! | 16:53 |
| tyhicks | #endmeeting | 16:53 |
| === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds: Please leave swords by the door | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendars | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology | ||
| meetingology | Meeting ended Mon Nov 27 16:53:07 2017 UTC. | 16:53 |
| meetingology | Minutes: http://ubottu.com/meetingology/logs/ubuntu-meeting/2017/ubuntu-meeting.2017-11-27-16.31.moin.txt | 16:53 |
| mdeslaur | thanks tyhicks! | 16:53 |
| leosilva | tks tyhicks! | 16:53 |
| sarnold | thanks tyhicks! | 16:53 |
| sbeattie | tyhicks: thanks! | 16:53 |
| ratliff | thanks, tyhicks! | 16:54 |
| jdstrand | tyhicks: thanks! | 16:55 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!