20170327
2988
Comment:
|
3399
|
Deletions are marked like this. | Additions are marked like this. |
Line 2: | Line 2: |
== Meeting (DRAFT) == | == Meeting == |
Line 5: | Line 5: |
* '''End''': 16:49 UTC | * '''End''': 16:44 UTC |
Line 14: | Line 14: |
* jjohansen | |
Line 20: | Line 19: |
* None | * jjohansen |
Line 28: | Line 27: |
* many for Personal | |
Line 29: | Line 29: |
* 6 PRs already submitted but more coming * various other Snappy policy updates * some misc review tools changes |
|
Line 31: | Line 34: |
* openssl updates | |
Line 35: | Line 37: |
* publish kernel USNs * openssh update * pick up a security update |
* security updates |
Line 40: | Line 40: |
* finish and submit the second revision of seccomp/libseccomp patches to upstream | * prepare !AppArmor SRU for bug 1661406 |
Line 43: | Line 43: |
* two embargoed issues | * followup on seccomp kernel patches * possibly finish off the work for libseccomp support * libvirt !AppArmor research around what it would take to dynamically update policy as disk image path changes {{{#!wiki comment |
Line 53: | Line 56: |
}}} | |
Line 55: | Line 59: |
* libapache2-mod-auth-mellon MIR | * finish up libapache2-mod-auth-mellon MIR |
Line 59: | Line 63: |
* firefox update * includes regression fix (LP: #Bug:1659922) |
|
Line 60: | Line 66: |
* firefox regression (LP: #Bug:1659922) | * firefox crashing on arm is causing FTBFS * firefox/gcc-4.9 on trusty isn't working |
Line 63: | Line 70: |
* Add touch selection handles and quick menu to UbuntuWebView (LP: #Bug:1638852) | |
Line 65: | Line 73: |
* security updates for ubuntu-core 15.04 * notification process for incoming CVEs |
* security updates for ubuntu-core 15.04 and Touch |
Line 74: | Line 81: |
Logs available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2017/ubuntu-meeting.2017-01-30-16.31.moin.txt | Logs available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2017/ubuntu-meeting.2017-02-06-16.30.moin.txt |
Meeting
Who: SecurityTeam
When: Mon Feb 6th 2017 16:30 UTC
End: 16:44 UTC
Where: #ubuntu-meeting on irc.freenode.net
Chaired By: Tyler Hicks (tyhicks)
Attendance
- jdstrand
- mdeslaur
- sbeattie
- tyhicks
- sarnold
- chrisccoulson
- ratliff
Not present
- jjohansen
Agenda
- Announcements
- none
- Weekly stand-up report (each member discusses any pending and planned future work for the week)
- jdstrand
- snappy PR reviews
- many for Personal
- better leverage seccomp arg filtering in snappy confinement policy
- 6 PRs already submitted but more coming
- various other Snappy policy updates
- some misc review tools changes
- snappy PR reviews
- mdeslaur
- weekly role: happy place
- security updates
- sbeattie
- weekly role: happy place
- security updates
- tyhicks
- weekly role: community
prepare AppArmor SRU for bug 1661406
upload AppArmor 2.11.0 to zesty
must workaround an AppArmor utils bug (LP: #1628286) first
- followup on seccomp kernel patches
- possibly finish off the work for libseccomp support
libvirt AppArmor research around what it would take to dynamically update policy as disk image path changes
- sarnold
- weekly role: bug triage
- finish up libapache2-mod-auth-mellon MIR
- pick up another MIR
ChrisCoulson
- oxide updates
- firefox update
includes regression fix (LP: #1659922)
- sponsor chromium-browser updates
- firefox crashing on arm is causing FTBFS
- firefox/gcc-4.9 on trusty isn't working
https://blueprints.launchpad.net/oxide/+spec/ubuntu-webview-implementation
Add JS dialogs to UbuntuWebView (LP: #1637195)
Add touch selection handles and quick menu to UbuntuWebView (LP: #1638852)
- ratliff
- weekly role: CVE triage
- security updates for ubuntu-core 15.04 and Touch
- jdstrand
- Highlighted packages
The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. The highlighted packages for this week are:
The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. See the available merges and SecurityTeam/UpdateProcedures for details on preparing Ubuntu security updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see SecurityTeam/GettingInvolved.
- Miscellaneous and Questions
- none
Log
Logs available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2017/ubuntu-meeting.2017-02-06-16.30.moin.txt
MeetingLogs/Security/20170327 (last edited 2017-03-27 16:43:53 by tyhicks)