20161205
3362
Comment:
|
2985
|
Deletions are marked like this. | Additions are marked like this. |
Line 1: | Line 1: |
## page was copied from MeetingLogs/Security/20160620 | ## page was copied from MeetingLogs/Security/20160627 |
Line 4: | Line 4: |
* '''When''': Mon June 27th 2016 16:30 UTC * '''End''': 16:50 UTC |
* '''When''': Mon July 11th 2016 16:31 UTC * '''End''': 16:54 UTC |
Line 10: | Line 10: |
* jdstrand | |
Line 20: | Line 19: |
* None | * jdstrand |
Line 27: | Line 26: |
{{{#!wiki comment | |
Line 28: | Line 28: |
* snappy PR followups (gsettings, input methods) * snappy interface reviews (modem-manager, ppp, etc) * seccomp arg filtering follow-ups * various snapd interface policy updates and investigations * review tools updates for upcoming snap.yaml changes and various bug fixes * im-config testing * docker interface as have time |
* Snappy dbus-bind interface * Snappy interfaces documentation * Work with morphis on testing/sponsoring pulseaudio SRU for disabling recording if snap policy (ie, finish phase 1) }}} |
Line 36: | Line 33: |
* weekly role: CVE triage * publish security updates that were prepared/tested last week during the sprint * publish some additional security updates after testing * update the UEFI secure boot testing instructions |
* weekly role: community * tomcat updates * patch piloting |
Line 41: | Line 37: |
* weekly role: happy place * post-sprint followups/todos * pick up a security update * watch for and fix build failures in yakkety due to gcc pie changes * investigate failing aslr tests on ppc64el and s390x (LP: #1594347) |
* weekly role: bug triage * kernel USNs * sponsor kinit update * watch for doko's yakkety test rebuild and fix any PIE related build failures |
Line 47: | Line 42: |
* weekly role: community * post-sprint followups/todos * AppArmor upload and SRU * lingering email catchup from vacation and sprint weeks |
* weekly role: cve triage * !AppArmor upload and SRU |
Line 52: | Line 45: |
* snap-confine PR reviews (seccomp arg filtering and some others that landed without security team review) | * embargoed issue |
Line 55: | Line 48: |
* post-sprint followups/todos * finish 4.7 AppArmor rebase and handoff to the kernel team * prepare upstream kernel pull request for some of the Ubuntu AppArmor delta |
* finish IPC cross label validation fix for stacking * revise profile name validation checks * LXC/LXD use some characters that were planned to be blocked * prepare upstream kernel pull request for some of the Ubuntu !AppArmor delta * finish testing 4.7 !AppArmor rebase and handoff to the kernel team |
Line 59: | Line 54: |
* weekly role: bug triage * sprint prep and imagemagick |
* weekly role: happy place * embargoed issue * MIR audits |
Line 62: | Line 58: |
* chromium-browser sponsoring * publish Oxide update * test oxide on arm64 and fix any bugs discovered * converged device [[https://blueprints.launchpad.net/oxide/+spec/converged-device-support|features]] for oxide |
|
Line 63: | Line 64: |
* oxide updates * test oxide on arm64 and fix any bugs discovered |
|
Line 66: | Line 65: |
* post-sprint followups/todos * misc management tasks * finish the manager transition tasks from jdstrand * take time to learn the UCT tools |
* look into the Ubuntu CVE tracker |
Line 77: | Line 73: |
Logs available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2016/ubuntu-meeting.2016-06-20-16.31.moin.txt | Logs available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2016/ubuntu-meeting.2016-06-27-16.31.moin.txt |
Meeting (DRAFT)
Who: SecurityTeam
When: Mon July 11th 2016 16:31 UTC
End: 16:54 UTC
Where: #ubuntu-meeting on irc.freenode.net
Chaired By: Tyler Hicks (tyhicks)
Attendance
- mdeslaur
- sbeattie
- tyhicks
- jjohansen
- sarnold
ChrisCoulson
- ratliff
Not present
- jdstrand
Agenda
- Announcements
- Stefan Bader (smb) provided debdiffs for precise-xenial for xen
- Otto Kekäläinen (otto) provided debdiffs for wily-xenial for mariadb-10.0 (LP: #1589302)
- Weekly stand-up report (each member discusses any pending and planned future work for the week)
- mdeslaur
- weekly role: community
- tomcat updates
- patch piloting
- sbeattie
- weekly role: bug triage
- kernel USNs
- sponsor kinit update
- watch for doko's yakkety test rebuild and fix any PIE related build failures
- tyhicks
- weekly role: cve triage
AppArmor upload and SRU
- seccomp complain mode
- embargoed issue
- jjohansen
focus on AppArmor (stacking bugs for 16.04)
- finish IPC cross label validation fix for stacking
- revise profile name validation checks
- LXC/LXD use some characters that were planned to be blocked
prepare upstream kernel pull request for some of the Ubuntu AppArmor delta
finish testing 4.7 AppArmor rebase and handoff to the kernel team
- sarnold
- weekly role: happy place
- embargoed issue
- MIR audits
ChrisCoulson
- chromium-browser sponsoring
- publish Oxide update
- test oxide on arm64 and fix any bugs discovered
converged device features for oxide
- document instructions for doing flash updates
- ratliff
- look into the Ubuntu CVE tracker
- Highlighted packages
The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. The highlighted packages for this week are:
The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. See the available merges and SecurityTeam/UpdateProcedures for details on preparing Ubuntu security updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see SecurityTeam/GettingInvolved.
- Miscellaneous and Questions
- None
Log
Logs available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2016/ubuntu-meeting.2016-06-27-16.31.moin.txt
MeetingLogs/Security/20161205 (last edited 2016-12-05 18:56:44 by tyhicks)