| === maclin1 is now known as maclin | ||
| === niedbalski_ is now known as niedbalski | ||
| tyhicks | hello | 16:43 |
|---|---|---|
| tyhicks | #startmeeting | 16:43 |
| meetingology | Meeting started Mon Jan 22 16:43:28 2018 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. | 16:43 |
| meetingology | Available commands: action commands idea info link nick | 16:43 |
| tyhicks | The meeting agenda can be found at: | 16:43 |
| tyhicks | [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting | 16:43 |
| tyhicks | [TOPIC] Announcements | 16:43 |
| === meetingology changed the topic of #ubuntu-meeting to: Announcements | ||
| tyhicks | Otto Kekäläinen provided debdiffs for mariadb-5.5, mariadb-10.0, and mariadb-10.1 (LP: #1740608) (LP: #740768) | 16:43 |
| ubottu | Launchpad bug 1740608 in mariadb-5.5 (Ubuntu) "USN-3459-1: partially applies to MariaDB too" [Medium,Fix released] https://launchpad.net/bugs/1740608 | 16:43 |
| ubottu | Launchpad bug 740768 in Datum soerepro "soerepro: cultural practices extraction, Fatal error: Method CForm::__toString() must not throw an exception" [Critical,Fix released] https://launchpad.net/bugs/740768 | 16:43 |
| tyhicks | that's not the right bug | 16:44 |
| tyhicks | I dropped a digit | 16:44 |
| tyhicks | (LP: #1740768) | 16:44 |
| ubottu | Launchpad bug 1740768 in mariadb-10.1 (Ubuntu) "CVE-2017-15365: Replication in sql/event_data_objects.cc occurs before ACL checks" [Undecided,Fix released] https://launchpad.net/bugs/1740768 | 16:44 |
| mdeslaur | \o | 16:44 |
| tyhicks | Ray Link (rlink) provided a debdiff for xenial for xmltooling (LP: #1743762) | 16:45 |
| ubottu | Launchpad bug 1743762 in xmltooling (Ubuntu Bionic) "Security bug in XMLTooling-C before 1.6.3 [CVE-2018-0486]" [Undecided,Triaged] https://launchpad.net/bugs/1743762 | 16:45 |
| tyhicks | Thank you for your assistance in keeping Ubuntu users secure! :) | 16:45 |
| tyhicks | [TOPIC] Weekly stand-up report | 16:45 |
| === meetingology changed the topic of #ubuntu-meeting to: Weekly stand-up report | ||
| tyhicks | jdstrand: you're up | 16:45 |
| jdstrand | hi | 16:46 |
| jdstrand | Last week I attended the product sprint so this week I will be playing catch-up and working through sprint outcomes. In addition to that, I plan to focus on: | 16:46 |
| jdstrand | * snappy PR reviews, esp wrt the layouts feature, portals and the x11 interface slot policy | 16:46 |
| jdstrand | * look at an lxd snap regression wrt to 'partial apparmor confinement' feature | 16:46 |
| jdstrand | * prepare a demo with tyhicks wrt lsm stacking | 16:46 |
| jdstrand | * review tools updates as have time | 16:46 |
| jdstrand | * create screecast interface as have time | 16:46 |
| jdstrand | * strict mode snaps on livecd as have time | 16:46 |
| jdstrand | that's it from me. mdeslaur, you're up | 16:46 |
| mdeslaur | I'm on triage this week | 16:47 |
| mdeslaur | and I'm in the process of publishing a few usns | 16:47 |
| mdeslaur | I need to take a look at the state of qemu patches | 16:47 |
| mdeslaur | and will either work on that this week, or something else depending on priority | 16:47 |
| mdeslaur | that's about it for me, sbeattie? | 16:47 |
| sbeattie | I'm in the happy place this week | 16:48 |
| sbeattie | I'm working on backporting the gcc retpoline patchset back to trusty + precise-esm, after having respun them. | 16:48 |
| sbeattie | (those are x86 only) | 16:49 |
| sbeattie | I'm also trying to track down chat toolchain changes are needed for other arches. | 16:49 |
| sbeattie | There'll be some kernel USNs to publish as the first attempt at spectre mitigations lands. | 16:50 |
| sbeattie | (and the usual kernel cve triage) | 16:50 |
| sbeattie | There's also likely openjdk packages coming down the pike. | 16:50 |
| sbeattie | That's it for me. | 16:50 |
| sbeattie | tyhicks: you're up. | 16:50 |
| tyhicks | sbeattie: that sounds like a lot going on at once so pull me in when needed | 16:51 |
| tyhicks | I have sprint followups | 16:51 |
| tyhicks | need to transcribe my notes | 16:51 |
| tyhicks | (from the sprint) | 16:51 |
| tyhicks | working on an LSM stacking demo | 16:51 |
| tyhicks | meltdown and spectre coordination will continue to take quite a bit of my time | 16:52 |
| tyhicks | that's probably enough for this week | 16:52 |
| tyhicks | jjohansen: you're up | 16:52 |
| jdstrand | oh I forgot to mention the chrony upload | 16:53 |
| jdstrand | I plan to upload chrony with an apparmor profile | 16:53 |
| jjohansen | I am working on updating our stacking patches against the latest revision of the LSM stacking patches | 16:53 |
| jjohansen | once I get that done it will be back to looking at the mount patches | 16:54 |
| jjohansen | and fosdem prep | 16:54 |
| jjohansen | and of course working on the 4.16 pull request | 16:54 |
| jjohansen | that is it for me, sarnold you are up | 16:55 |
| tyhicks | jjohansen: the mount patches are for the 4.16 pull request, right? | 16:55 |
| jjohansen | tyhicks: I know David would like to get them in, whether they are actually going 4.16 I am unsure | 16:56 |
| tyhicks | oh, that's for David | 16:56 |
| jjohansen | yeah, the whole mount system rework | 16:56 |
| tyhicks | right | 16:56 |
| tyhicks | I forgot about that | 16:57 |
| jjohansen | atm I am working with it as if they are going to be part of a 4.16 pull request, and will be happy if they aren't | 16:58 |
| tyhicks | ack, thanks | 16:58 |
| tyhicks | sarnold: go ahead | 16:58 |
| sarnold | I'm on community this week; I'm starting the libsdl2 MIR | 16:58 |
| sarnold | at least I think that's the one to start; ratliff said a few weeks ago that it'd be next in the queue, but now I see that cpae lzer intends to switch qemu to use the new sdl in 18.10 .. | 16:59 |
| sarnold | which makes me curious what the plan ought to be | 16:59 |
| sarnold | there's nothing too wrong with doing a mir 'earlier' than it's needed of course but it'd probably be nice to have just one sdl in 18.04 main | 17:00 |
| tyhicks | sarnold: lets sync with cpae lzer after this meeting and get his opinion on that vs chrony vs something else | 17:00 |
| sarnold | tyhicks: okay, makes sense | 17:00 |
| sarnold | chrisccoulson, you're up :) | 17:00 |
| chrisccoulson | I've got firefox updates this week, and a chromium update to test and publish | 17:00 |
| chrisccoulson | I also need to start the first rust update of 2018. Hoping it will be an easy one | 17:01 |
| chrisccoulson | I did finally start on the changes to the apparmor audit logging last week, so I intend to carry on with that this week | 17:02 |
| tyhicks | oh, nice | 17:03 |
| chrisccoulson | and I can step in if sbeattie wants any help with openjdk updates too | 17:03 |
| chrisccoulson | that's me done | 17:03 |
| tyhicks | leosilva: you're up | 17:04 |
| leosilva | I'm in bug triage this week | 17:04 |
| leosilva | I have a gimp USN to push and rsync too. | 17:04 |
| leosilva | Also have a libvirt updates to re-test and figure out what is happening in precise version. | 17:04 |
| leosilva | besided that I'll push mysql to my update stack and keepg looking for others pkgs. | 17:05 |
| leosilva | That's all from me. | 17:05 |
| leosilva | tyhicks: you are back. | 17:05 |
| tyhicks | thanks! | 17:05 |
| tyhicks | [TOPIC] Highlighted packages | 17:05 |
| === meetingology changed the topic of #ubuntu-meeting to: Highlighted packages | ||
| tyhicks | The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. | 17:05 |
| tyhicks | See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. | 17:05 |
| tyhicks | https://people.canonical.com/~ubuntu-security/cve/pkg/nip2.html | 17:05 |
| tyhicks | https://people.canonical.com/~ubuntu-security/cve/pkg/simple-xml.html | 17:05 |
| tyhicks | https://people.canonical.com/~ubuntu-security/cve/pkg/pjproject.html | 17:05 |
| tyhicks | https://people.canonical.com/~ubuntu-security/cve/pkg/open-iscsi.html | 17:05 |
| tyhicks | Does anyone have any other questions or items to discuss? | 17:05 |
| tyhicks | https://people.canonical.com/~ubuntu-security/cve/pkg/python-tablib.html | 17:06 |
| tyhicks | [TOPIC] Miscellaneous and Questions | 17:06 |
| === meetingology changed the topic of #ubuntu-meeting to: Miscellaneous and Questions | ||
| tyhicks | jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson, leosilva: Thanks! | 17:09 |
| tyhicks | #endmeeting | 17:09 |
| === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds: Please leave swords by the door | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendars | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology | ||
| meetingology | Meeting ended Mon Jan 22 17:09:57 2018 UTC. | 17:09 |
| meetingology | Minutes: http://ubottu.com/meetingology/logs/ubuntu-meeting/2018/ubuntu-meeting.2018-01-22-16.43.moin.txt | 17:09 |
| leosilva | tks tyhicks! | 17:10 |
| sbeattie | tyhicks: thanks! | 17:10 |
| sarnold | thanks tyhicks! | 17:10 |
| jjohansen | thanks tyhicks | 17:11 |
| jdstrand | tyhicks: thanks! | 17:17 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!