20170313

Differences between revisions 12 and 14 (spanning 2 versions)
Revision 12 as of 2017-02-13 16:11:37
Size: 3454
Editor: tyhicks
Comment:
Revision 14 as of 2017-02-13 16:50:37
Size: 3322
Editor: tyhicks
Comment:
Deletions are marked like this. Additions are marked like this.
Line 2: Line 2:
## page was copied from MeetingLogs/Security/20170130
Line 5: Line 4:
 * '''When''': Mon Feb 6th 2017 16:30 UTC
 * '''End''': 16:44 UTC		  * '''When''': Mon Feb 13th 2017 16:31 UTC
 * '''End''': 16:49 UTC
Line 13: Line 12:
 * sbeattie
Line 15: Line 13:
 * jjohansen
Line 20: Line 19:
 * jjohansen  * sbeattie
Line 24: Line 23:
  * none   * James Page (jamespage) provided a debdiff for xenial for nova-lxd (LP: #Bug:1656847)
  * Jeremy Bicha (jbicha) provided debdiffs for yakkety for bubblewrap and flatpak (LP: #Bug:1657357)
  * Jeremy Bicha (jbicha) worked to remove jasper from zesty (LP: #Bug:1612835)
Line 27: Line 28:
   * store reviews
   * email/irc catchup from being off
   * gsetting mediation patch review
Line 29: Line 33:
    * console access
    * 'notion of trust'
Line 32: Line 38:
   * some misc review tools changes
Line 34: Line 39:
   * weekly role: happy place    * weekly role: CVE triage
   * close to publishing a webkit2gtk update but a regression was discovered
   * php5 updates
Line 36: Line 43:
  {{{#!wiki comment
Line 39: Line 47:
  }}}
Line 41: Line 50:
   * prepare !AppArmor SRU for bug 1661406
   * upload !AppArmor 2.11.0 to zesty
    * must workaround an !AppArmor utils bug (LP: #Bug:1628286) first
   * followup on seccomp kernel patches
    * possibly finish off the work for libseccomp support
   * libvirt !AppArmor research around what it would take to dynamically update policy as disk image path changes
  {{{#!wiki comment		    * finish testing and submit seccomp logging kernel patchset v3
   * check on !AppArmor Zesty upload (blocked by a perl update)
   * assist in landing the dconf/gsettings mediation
   * tcpdump updates (LP: #Bug:1662177)
Line 49: Line 55:
   * !AppArmor bugs
    * flock not mediated with 'k' (LP: #Bug:1658219)
    * disconnected path when using filesystem namespaces (LP: #Bug:1656121)
   * clean up and send xenial/yakkety !AppArmor patches to the kernel team
   * revise dconf/gsettings mediation patches after sync with desktop team
   * reply to tetsuo and finish kernel patch around !AppArmor data for a task		    * dconf/gsettings mediation
    * developing the !AppArmor policy notifaction interface
    * revising userspace patches as reviews come in
Line 56: Line 59:
    * maybe the changes to securityfs
  }}}
Line 59: Line 60:
   * weekly role: bug triage    * weekly role: community
Line 63: Line 64:
   * oxide updates
   * firefox update
    * includes regression fix (LP: #Bug:1659922)
   * sponsor chromium-browser updates
   * firefox crashing on arm is causing FTBFS
   * firefox/gcc-4.9 on trusty isn't working		    * getting rustc working everywhere to be able to provide firefox updates
    * Mozilla is requiring a very new rustc version (1.15.1) to build firefox
Line 70: Line 67:
    * Add JS dialogs to !UbuntuWebView (LP: #Bug:1637195)
Line 73: Line 69:
   * weekly role: CVE triage    * weekly role: bug triage
Line 82: Line 78:
Logs available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2017/ubuntu-meeting.2017-02-06-16.30.moin.txt Logs available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2017/ubuntu-meeting.2017-02-13-16.31.moin.txt

Meeting

  • Who: SecurityTeam

  • When: Mon Feb 13th 2017 16:31 UTC

  • End: 16:49 UTC

  • Where: #ubuntu-meeting on irc.freenode.net

  • Chaired By: Tyler Hicks (tyhicks)

Attendance

  • jdstrand
  • mdeslaur
  • tyhicks
  • jjohansen
  • sarnold
  • chrisccoulson
  • ratliff

Not present

  • sbeattie

Agenda

  • Announcements

    • James Page (jamespage) provided a debdiff for xenial for nova-lxd (LP: #1656847)

    • Jeremy Bicha (jbicha) provided debdiffs for yakkety for bubblewrap and flatpak (LP: #1657357)

    • Jeremy Bicha (jbicha) worked to remove jasper from zesty (LP: #1612835)

  • Weekly stand-up report (each member discusses any pending and planned future work for the week)
    • jdstrand
      • store reviews
      • email/irc catchup from being off
      • gsetting mediation patch review
      • snappy PR reviews
        • many for Personal
        • console access
        • 'notion of trust'
      • better leverage seccomp arg filtering in snappy confinement policy
        • 6 PRs already submitted but more coming
      • various other Snappy policy updates
    • mdeslaur
      • weekly role: CVE triage
      • close to publishing a webkit2gtk update but a regression was discovered
      • php5 updates
      • security updates
    • tyhicks
      • weekly role: community
      • finish testing and submit seccomp logging kernel patchset v3

      • check on AppArmor Zesty upload (blocked by a perl update)

      • assist in landing the dconf/gsettings mediation

      • tcpdump updates (LP: #1662177)

    • jjohansen
      • dconf/gsettings mediation

        • developing the AppArmor policy notifaction interface

        • revising userspace patches as reviews come in

      • preparing next batch of AppArmor kernel patches to upstream

    • sarnold
      • weekly role: community
      • finish up libapache2-mod-auth-mellon MIR
      • pick up another MIR

    • ChrisCoulson

    • ratliff
      • weekly role: bug triage
      • security updates for ubuntu-core 15.04 and Touch
  • Highlighted packages

    The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. The highlighted packages for this week are:

    The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. See the available merges and SecurityTeam/UpdateProcedures for details on preparing Ubuntu security updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see SecurityTeam/GettingInvolved.

  • Miscellaneous and Questions
    • none

Log

Logs available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2017/ubuntu-meeting.2017-02-13-16.31.moin.txt

MeetingLogs/Security/20170313 (last edited 2017-03-13 16:49:12 by tyhicks)