=== maclin1 is now known as maclin === niedbalski_ is now known as niedbalski [16:43] hello [16:43] #startmeeting [16:43] Meeting started Mon Jan 22 16:43:28 2018 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. [16:43] Available commands: action commands idea info link nick [16:43] The meeting agenda can be found at: [16:43] [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting [16:43] [TOPIC] Announcements === meetingology changed the topic of #ubuntu-meeting to: Announcements [16:43] Otto Kekäläinen provided debdiffs for mariadb-5.5, mariadb-10.0, and mariadb-10.1 (LP: #1740608) (LP: #740768) [16:43] Launchpad bug 1740608 in mariadb-5.5 (Ubuntu) "USN-3459-1: partially applies to MariaDB too" [Medium,Fix released] https://launchpad.net/bugs/1740608 [16:43] Launchpad bug 740768 in Datum soerepro "soerepro: cultural practices extraction, Fatal error: Method CForm::__toString() must not throw an exception" [Critical,Fix released] https://launchpad.net/bugs/740768 [16:44] that's not the right bug [16:44] I dropped a digit [16:44] (LP: #1740768) [16:44] Launchpad bug 1740768 in mariadb-10.1 (Ubuntu) "CVE-2017-15365: Replication in sql/event_data_objects.cc occurs before ACL checks" [Undecided,Fix released] https://launchpad.net/bugs/1740768 [16:44] \o [16:45] Ray Link (rlink) provided a debdiff for xenial for xmltooling (LP: #1743762) [16:45] Launchpad bug 1743762 in xmltooling (Ubuntu Bionic) "Security bug in XMLTooling-C before 1.6.3 [CVE-2018-0486]" [Undecided,Triaged] https://launchpad.net/bugs/1743762 [16:45] Thank you for your assistance in keeping Ubuntu users secure! :) [16:45] [TOPIC] Weekly stand-up report === meetingology changed the topic of #ubuntu-meeting to: Weekly stand-up report [16:45] jdstrand: you're up [16:46] hi [16:46] Last week I attended the product sprint so this week I will be playing catch-up and working through sprint outcomes. In addition to that, I plan to focus on: [16:46] * snappy PR reviews, esp wrt the layouts feature, portals and the x11 interface slot policy [16:46] * look at an lxd snap regression wrt to 'partial apparmor confinement' feature [16:46] * prepare a demo with tyhicks wrt lsm stacking [16:46] * review tools updates as have time [16:46] * create screecast interface as have time [16:46] * strict mode snaps on livecd as have time [16:46] that's it from me. mdeslaur, you're up [16:47] I'm on triage this week [16:47] and I'm in the process of publishing a few usns [16:47] I need to take a look at the state of qemu patches [16:47] and will either work on that this week, or something else depending on priority [16:47] that's about it for me, sbeattie? [16:48] I'm in the happy place this week [16:48] I'm working on backporting the gcc retpoline patchset back to trusty + precise-esm, after having respun them. [16:49] (those are x86 only) [16:49] I'm also trying to track down chat toolchain changes are needed for other arches. [16:50] There'll be some kernel USNs to publish as the first attempt at spectre mitigations lands. [16:50] (and the usual kernel cve triage) [16:50] There's also likely openjdk packages coming down the pike. [16:50] That's it for me. [16:50] tyhicks: you're up. [16:51] sbeattie: that sounds like a lot going on at once so pull me in when needed [16:51] I have sprint followups [16:51] need to transcribe my notes [16:51] (from the sprint) [16:51] working on an LSM stacking demo [16:52] meltdown and spectre coordination will continue to take quite a bit of my time [16:52] that's probably enough for this week [16:52] jjohansen: you're up [16:53] oh I forgot to mention the chrony upload [16:53] I plan to upload chrony with an apparmor profile [16:53] I am working on updating our stacking patches against the latest revision of the LSM stacking patches [16:54] once I get that done it will be back to looking at the mount patches [16:54] and fosdem prep [16:54] and of course working on the 4.16 pull request [16:55] that is it for me, sarnold you are up [16:55] jjohansen: the mount patches are for the 4.16 pull request, right? [16:56] tyhicks: I know David would like to get them in, whether they are actually going 4.16 I am unsure [16:56] oh, that's for David [16:56] yeah, the whole mount system rework [16:56] right [16:57] I forgot about that [16:58] atm I am working with it as if they are going to be part of a 4.16 pull request, and will be happy if they aren't [16:58] ack, thanks [16:58] sarnold: go ahead [16:58] I'm on community this week; I'm starting the libsdl2 MIR [16:59] at least I think that's the one to start; ratliff said a few weeks ago that it'd be next in the queue, but now I see that cpae lzer intends to switch qemu to use the new sdl in 18.10 .. [16:59] which makes me curious what the plan ought to be [17:00] there's nothing too wrong with doing a mir 'earlier' than it's needed of course but it'd probably be nice to have just one sdl in 18.04 main [17:00] sarnold: lets sync with cpae lzer after this meeting and get his opinion on that vs chrony vs something else [17:00] tyhicks: okay, makes sense [17:00] chrisccoulson, you're up :) [17:00] I've got firefox updates this week, and a chromium update to test and publish [17:01] I also need to start the first rust update of 2018. Hoping it will be an easy one [17:02] I did finally start on the changes to the apparmor audit logging last week, so I intend to carry on with that this week [17:03] oh, nice [17:03] and I can step in if sbeattie wants any help with openjdk updates too [17:03] that's me done [17:04] leosilva: you're up [17:04] I'm in bug triage this week [17:04] I have a gimp USN to push and rsync too. [17:04] Also have a libvirt updates to re-test and figure out what is happening in precise version. [17:05] besided that I'll push mysql to my update stack and keepg looking for others pkgs. [17:05] That's all from me. [17:05] tyhicks: you are back. [17:05] thanks! [17:05] [TOPIC] Highlighted packages === meetingology changed the topic of #ubuntu-meeting to: Highlighted packages [17:05] The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. [17:05] See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. [17:05] https://people.canonical.com/~ubuntu-security/cve/pkg/nip2.html [17:05] https://people.canonical.com/~ubuntu-security/cve/pkg/simple-xml.html [17:05] https://people.canonical.com/~ubuntu-security/cve/pkg/pjproject.html [17:05] https://people.canonical.com/~ubuntu-security/cve/pkg/open-iscsi.html [17:05] Does anyone have any other questions or items to discuss? [17:06] https://people.canonical.com/~ubuntu-security/cve/pkg/python-tablib.html [17:06] [TOPIC] Miscellaneous and Questions === meetingology changed the topic of #ubuntu-meeting to: Miscellaneous and Questions [17:09] jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson, leosilva: Thanks! [17:09] #endmeeting === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds: Please leave swords by the door | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendars | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology [17:09] Meeting ended Mon Jan 22 17:09:57 2018 UTC. [17:09] Minutes: http://ubottu.com/meetingology/logs/ubuntu-meeting/2018/ubuntu-meeting.2018-01-22-16.43.moin.txt [17:10] tks tyhicks! [17:10] tyhicks: thanks! [17:10] thanks tyhicks! [17:11] thanks tyhicks [17:17] tyhicks: thanks!