20150427

Differences between revisions 41 and 42
Revision 41 as of 2015-04-13 16:31:03
Size: 3292
Editor: tyhicks
Comment:
Revision 42 as of 2015-04-13 17:00:58
Size: 2699
Editor: tyhicks
Comment:
Deletions are marked like this. Additions are marked like this.
Line 3: Line 3:
== Meeting (DRAFT) == == Meeting ==
Line 5: Line 5:
 * '''When''': Mon Apr 13th 2015 16:30 UTC  * '''When''': Mon Apr 13th 2015 16:37 UTC
Line 28: Line 28:
   {{{#!wiki comment
   * Write review tool tests for new snappy security yaml
   * Finish landing the snappy framework policy changes
   * Write review tool tests for new snappy hashes.yaml
   * Continue working on snappy seccomp policy
   }}}		    * Ubuntu Core sprint
   * Focusing on snappy (seccomp and the review tools)
Line 36: Line 32:
   {{{#!wiki comment
   * Patch piloting
   * tiff updates
   * gnupg/libgcrypt updates
   }}}		    * ntp updates
   * several updates related to a libx11 issue
   * embargoed issue
Line 43: Line 37:
   {{{#!wiki comment
Line 47: Line 40:
   }}}
Line 50: Line 42:
   * Vivid systemd/sbuild/schroot/kernel bugs (LP: #1427264) (LP: #1438942)    * Vivid systemd/sbuild/schroot bugs (LP: #1427264) (LP: #1438942)
Line 54: Line 46:
   {{{#!wiki comment
   * Post-vacation catch up
   * AppArmor patch review
   * Kernel security update workflow
Line 59: Line 47:
   * Find a tester for a potention fix of bug #1430546
   * Followup with kernel team regarding the bug #1423810 and #1423810 fixes landing
   }}}		    * Embargoed issue
   * Prepare for monthly AppArmor meeting
Line 65: Line 52:
    {{{#!wiki comment
Line 67: Line 53:
    * Outstanding MIR requests
    }}}		     * conntrack MIR
Line 70: Line 55:
    {{{#!wiki comment
    * Mozilla updates		     * Oxide updates
    * Embargoed issue
Line 73: Line 58:
    * Work on 'Persist permission request decisions for a session' (LP: #1428754)
    * Work on bug #1410996 and bug #1422920
    }}}		     * Oxide bugs
Line 82: Line 65:
Logs available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2015/ubuntu-meeting.2015-04-06-16.45.moin.txt Logs available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2015/ubuntu-meeting.2015-04-13-16.37.moin.txt

Meeting

  • Who: SecurityTeam

  • When: Mon Apr 13th 2015 16:37 UTC

  • End: 17:00 UTC

  • Where: #ubuntu-meeting on irc.freenode.net

  • Chaired By: Tyler Hicks (tyhicks)

Attendance

  • jdstrand
  • mdeslaur
  • sbeattie
  • tyhicks
  • jjohansen
  • sarnold
  • chrisccoulson

Not present

Agenda

  • Announcements
    • Johan Van de Wauw (johanvdw) provided debdiffs for trusty-vivid for freexl (LP: #1437087)
    • Thomas Ward (teward) provided a debdiff for utopic for wireshark (LP: #1440202)
    • Stefan Bader (smb) provided debdiffs for trusty and utopic for xen
  • Weekly stand-up report (each member discusses any pending and planned future work for the week)
    • jdstrand
      • Ubuntu Core sprint
      • Focusing on snappy (seccomp and the review tools)
    • mdeslaur
      • weekly role: cve triage
      • ntp updates
      • several updates related to a libx11 issue
      • embargoed issue
    • sbeattie
      • weekly role: happy place

      • AppArmor patch review

      • Prepare for Trusty SRU of AppArmor python utils

      • Continue testing of gcc-5 pie-on-amd64 packages
    • tyhicks
      • weekly role: community
      • Vivid systemd/sbuild/schroot bugs (LP: #1427264) (LP: #1438942)

      • Restart work on AppArmor kernel keyring mediation for user data encryption

      • Send out the patches to fix bug #1430532
    • jjohansen

      • AppArmor kernel cleanups and upstreaming

      • Embargoed issue

      • Prepare for monthly AppArmor meeting

    • sarnold
      • weekly role: bug triage
      • python-cryptography MIR (LP: #1430082)

      • OpenStack security updates

      • conntrack MIR
    • chriscoulson
      • Oxide updates
      • Embargoed issue
      • Get Firefox buildable again in 12.04 (Mozilla bumped the GCC requirement to version 4.7)
      • Oxide bugs
  • Highlighted packages

    The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. The highlighted packages for this week are:

    The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. See the available merges and SecurityTeam/UpdateProcedures for details on preparing Ubuntu security updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see SecurityTeam/GettingInvolved.

  • Miscellaneous and Questions

Log

Logs available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2015/ubuntu-meeting.2015-04-13-16.37.moin.txt

MeetingLogs/Security/20150427 (last edited 2015-04-27 16:59:43 by tyhicks)