20180723

Differences between revisions 65 and 108 (spanning 43 versions)
Revision 65 as of 2018-01-22 16:04:08
Size: 2912
Editor: tyhicks
Comment:
Revision 108 as of 2018-07-30 17:56:09
Size: 3009
Editor: emilyr
Comment: added in accidentally omitted community thanks and corrected a typo
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
## page was copied from MeetingLogs/Security/20171211
== Meeting (DRAFT) ==		 ## page was copied from MeetingLogs/Security/20180625
== Meeting ==
Line 4: Line 4:
 * '''When''': Mon Jan 22nd 2018 16:30 UTC
 * '''End''': 16:48 UTC		  * '''When''':  Mon Jul 23 16:31:43 2018 UTC
 * '''End''': 16:56:41
Line 7: Line 7:
 * '''Chaired By''': Tyler Hicks (tyhicks)  * '''Chaired By''': Emily Ratliff (ratliff)
Line 10: Line 10:
 {{{#!wiki comment
Line 11: Line 12:
 }}}
Line 13: Line 15:
 * tyhicks  {{{#!wiki comment
 }}}
Line 18: Line 21:
 * ratliff
 * msalvatore
 * ebarretto
Line 20: Line 26:
 * ratliff  {{{#!wiki comment
 * mdeslaur
 * jjohansen
 }}}
 * jdstrand
 * amurray
Line 24: Line 35:
  * Otto Kekäläinen provided debdiffs for mariadb-5.5, mariadb-10.0, and mariadb-10.1 (LP: #1740608) (LP: #740768)
  * Ray Link (rlink) provided a debdiff for xenial for xmltooling (LP: #1743762)		   * Thanks to Simon Quigley (tsimonq2) for providing a debdiff for qutebrowser in bionic (LP: #Bug:1781295) and debdiffs for kwallet-pam in xenial-bionic (LP: #Bug:1768649)!
  * Thanks to Dan Streetman (ddstreet) for providing debdiffs for libxstream-java for trusty and xenial (LP: #Bug:1780844)!
  * Generalist role rotation
   * CVE Triage: amurray, Bug Triage: mdeslaur, Community: leosilva, Happy Place: barretto, msalvatore, sarnold, ratliff, sbeattie
  * We welcome Mike Salvatore and Eduardo Barretto to the Ubuntu Security Team today! Welcome Mike and Eduardo! We are thrilled that you are joining us to help continue improving security for Ubuntu users!
  * Ubuntu Security Team [[https://grnh.se/8c0a6c1f1|is hiring]]
Line 27: Line 42:
 {{{#!wiki comment
Line 29: Line 45:
    * wayland slot
    * layouts
    * xdg-settings/userd
   * rewrite the snappy-app-dev udev script
   * finish review-tools updates for December
   * pickup brand store snap declarations as have time
   * pickup tun/tap and kmod spread test issues		    * adjust snap-confine to always use a device cgroup
   * follow up on unsquashfs issue (ie, work on re-enabling resquashfs enforcement
   * pick up review-tools snap USNs phase1/part ii work as have time
 }}}
Line 37: Line 50:
   * weekly role: CVE triage
   * openssl security update
   * ubuntu-support-status improvements
   * additional security updates		    * clamav update
   * if possible, mysql update
   * security updates
Line 42: Line 54:
   * weekly role: happy place
   * CVE notifications for snap owners
   * upstream !AppArmor tasks
   * kernel CVE triage
  * tyhicks
   * weekly role: happy place
   * embargoed issues
   * squashfs reproduceability
   * nudge a number of things along:
    * snapd seccomp logging PR
    * libseccomp Xenial SRU
    * audit SRUs
    * libseccomp-golang upstream PR		    * intel-microcode updates
   * internal tasks
 {{{#!wiki comment
 }}}
Line 56: Line 59:
   * !AppArmor mount mediation
   * prepare 4.14 !AppArmor backport for the Ubuntu kernel
   * update the backport kernels		    * LSS-EU program committee duties
   * review mjg's network labeling patch
   * !AppArmor feature work
Line 60: Line 63:
   * weekly role: community
   * libteam MIR		    * MIRs
    * xdg-desktop-portal
   * !DebConf presentation
Line 63: Line 67:
   * publish chromium-browser updates
  {{{#!wiki comment		    * thunderbird 60 updates
   * !AppArmor audit
   * embargoed issue
Line 66: Line 71:
   * weekly role: happy place
   * internal work
   * import KPI data into InfluxDB
  }}}		    * embargoed and internal work
Line 71: Line 73:
   * weekly role: bug triage
   * libxml2 updates
   * additional security updates		    * mutt update publication
   * python-cryptography updates
   * security updates
  * msalvatore
   * ant update
  * ebarretto
   * onboarding tasks
Line 75: Line 81:
 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. The highlighted packages for this week are:
Line 78: Line 83:
  * None   * tsimonq2 asked where the highlighted packages went. A: We stopped publishing a list of highlighted packages because Debian merges were seen as more likely to succeed and known to be needed.
  * tsimonq2 commented that !QtWebEngine needs an update for its embedded Chromium. Discussion deferred to #ubuntu-hardened.
Line 81: Line 87:
Logs available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2017/ubuntu-meeting.2017-12-11-16.30.moin.txt http://ubottu.com/meetingology/logs/ubuntu-meeting/2018/ubuntu-meeting.2018-07-23-16.31.moin.txt

Meeting

  • Who: SecurityTeam

  • When: Mon Jul 23 16:31:43 2018 UTC

  • End: 16:56:41

  • Where: #ubuntu-meeting on irc.freenode.net

  • Chaired By: Emily Ratliff (ratliff)

Attendance

  • mdeslaur
  • sbeattie
  • jjohansen
  • sarnold
  • chrisccoulson
  • leosilva
  • ratliff
  • msalvatore
  • ebarretto

Not present

  • jdstrand
  • amurray

Agenda

  • Announcements

    • Thanks to Simon Quigley (tsimonq2) for providing a debdiff for qutebrowser in bionic (LP: #1781295) and debdiffs for kwallet-pam in xenial-bionic (LP: #1768649)!

    • Thanks to Dan Streetman (ddstreet) for providing debdiffs for libxstream-java for trusty and xenial (LP: #1780844)!

    • Generalist role rotation
      • CVE Triage: amurray, Bug Triage: mdeslaur, Community: leosilva, Happy Place: barretto, msalvatore, sarnold, ratliff, sbeattie
    • We welcome Mike Salvatore and Eduardo Barretto to the Ubuntu Security Team today! Welcome Mike and Eduardo! We are thrilled that you are joining us to help continue improving security for Ubuntu users!

    • Ubuntu Security Team is hiring

  • Weekly stand-up report (each member discusses any pending and planned future work for the week)
    • mdeslaur
      • clamav update
      • if possible, mysql update
      • security updates
    • sbeattie
      • intel-microcode updates
      • internal tasks
    • jjohansen
      • LSS-EU program committee duties
      • review mjg's network labeling patch

      • AppArmor feature work

    • sarnold
      • MIRs
        • xdg-desktop-portal

      • DebConf presentation

    • ChrisCoulson

      • thunderbird 60 updates

      • AppArmor audit

      • embargoed issue
    • ratliff
      • embargoed and internal work
    • leosilva
      • mutt update publication
      • python-cryptography updates
      • security updates
    • msalvatore
      • ant update
    • ebarretto
      • onboarding tasks
  • Highlighted packages

    The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. See the available merges and SecurityTeam/UpdateProcedures for details on preparing Ubuntu security updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see SecurityTeam/GettingInvolved.

  • Miscellaneous and Questions
    • tsimonq2 asked where the highlighted packages went. A: We stopped publishing a list of highlighted packages because Debian merges were seen as more likely to succeed and known to be needed.

    • tsimonq2 commented that QtWebEngine needs an update for its embedded Chromium. Discussion deferred to #ubuntu-hardened.

Log

http://ubottu.com/meetingology/logs/ubuntu-meeting/2018/ubuntu-meeting.2018-07-23-16.31.moin.txt

MeetingLogs/Security/20180723 (last edited 2018-07-30 17:56:09 by emilyr)