20180730

Differences between revisions 8 and 108 (spanning 100 versions)
Revision 8 as of 2017-06-26 16:47:37
Size: 3155
Editor: tyhicks
Comment:
Revision 108 as of 2018-07-30 17:31:57
Size: 2763
Editor: emilyr
Comment:
Deletions are marked like this. Additions are marked like this.
Line 1: Line 1:
## page was copied from MeetingLogs/Security/20170619 ## page was copied from MeetingLogs/Security/20180723
## page was copied from MeetingLogs/Security/20180625
Line 4: Line 5:
 * '''When''': Mon June 26th 2017 16:32 UTC
 * '''End''': 16:46 UTC		  * '''When''':  Mon Jul 23 16:31:43 2018 UTC
 * '''End''': 16:56:41
Line 7: Line 8:
 * '''Chaired By''': Tyler Hicks (tyhicks)  * '''Chaired By''': Emily Ratliff (ratliff)
Line 10: Line 11:
 {{{#!wiki comment
Line 11: Line 13:
 }}}
Line 13: Line 16:
 * tyhicks  {{{#!wiki comment
 }}}
 * jjohansen
 * sarnold
Line 15: Line 21:
 * leosilva
Line 16: Line 23:
 * leosilva  * msalvatore
 * ebarretto
Line 19: Line 27:
 {{{#!wiki comment
 * mdeslaur
Line 20: Line 30:
 * sarnold  }}}
 * jdstrand
 * amurray
Line 24: Line 36:
  * None   * Generalist role rotation
   * CVE Triage: amurray, Bug Triage: mdeslaur, Community: leosilva, Happy Place: barretto, msalvatore, sarnold, ratliff, sbeattie
  * We welcome Mike Salvatore and Eduardo Barretto to the Ubuntu Security Team today! Welcome Mike and Eduardo! We are thrilled that you are joining us to help continue improving security for Ubuntu users!
  * Ubuntu Security Team [[https://grnh.se/8c0a6c1f1|is hiring]]
Line 26: Line 41:
 {{{#!wiki comment
Line 27: Line 43:
   * password-manager-service interface PR
    * finish testing and respond to feedback
   * finish overlayfs/apparmor/snaps investigation
    * file overlay/apparmor bugs
   * snappy-debug work
    * fix to work with journald
   * miscellaneous snappy policy updates PR
   * wayland interface, as time allows		    * snapd PR reviews
   * adjust snap-confine to always use a device cgroup
   * follow up on unsquashfs issue (ie, work on re-enabling resquashfs enforcement
   * pick up review-tools snap USNs phase1/part ii work as have time
 }}}
Line 36: Line 49:
   * weekly role: happy place
   * apache2 updates
   * additional security updates as time allows		    * clamav update
   * if possible, mysql update
   * security updates
Line 40: Line 53:
   * weekly role: happy place
   * kernel USN publication
   * kernel CVE triage
   * sudo update
   * openssh update
   * !AppArmor patch review
  * tyhicks
   * weekly role: community
   * fscrypt evaluation
   * seccomp patches
   * !eCryptfs patch review (userspace and kernel)
  {{{#!wiki comment		    * intel-microcode updates
   * internal tasks
 {{{#!wiki comment
 }}}
Line 53: Line 58:
   * kernel USN publication
   * upstream linux-security-module reviews
    * new revision of LSM stacking patches
    * path based LSM changes from Tetsuo
   * !AppArmor kernel patch upstreaming
    * push out namespacing patch set for review
    * work on an RFC patch set for networking/unix socket mediation
   * LSS program committee duties
    * book travel
    * help set the schedule
  }}}
  {{{#!wiki comment		    * LSS-EU program committee duties
   * review mjg's network labeling patch
   * !AppArmor feature work
Line 66: Line 62:
   * weekly role: bug triage
   * xdelta3 mir
   * gdm3 mir
   * !AppArmor patch review to support jjohansen's upstreaming work
  }}}		    * MIRs
    * xdg-desktop-portal
   * !DebConf presentaton
Line 72: Line 66:
   * thunderbird 60 updates
   * !AppArmor audit
Line 73: Line 69:
   * thunderbird update
    * test new respin builds
   * chromium update to test and publish
   * investigate spidermonkey/gjs maintenance plan
    * see how feasible patch backporting is
Line 79: Line 70:
   * weekly role: CVE triage
   * Ubuntu Core 15 updates		    * embargoed and internal work
Line 82: Line 72:
   * finish shadow testing
   * shadow sarnold in bug triage duties		    * mutt update publication
   * python-cryptography updates
   * security updates
  * msalvatore
   * ant update
  * ebarretto
   * onboarding tasks
Line 85: Line 80:
 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. The highlighted packages for this week are:
Line 88: Line 82:
  * none   * tsimonq2 asked where the highlighted packages went. A: We stopped publishing a list of highlighted packages because Debian merges were seen as more likely to succeed and known to be needed.
  * tsimonq2 commented that !QtWebEngine needs an update for its embedded Chromium. Discussion deferred to #ubuntu-hardened.
Line 91: Line 86:
Logs available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2017/ubuntu-meeting.2017-06-26-16.32.moin.txt http://ubottu.com/meetingology/logs/ubuntu-meeting/2018/ubuntu-meeting.2018-07-23-16.31.moin.txt

Meeting

  • Who: SecurityTeam

  • When: Mon Jul 23 16:31:43 2018 UTC

  • End: 16:56:41

  • Where: #ubuntu-meeting on irc.freenode.net

  • Chaired By: Emily Ratliff (ratliff)

Attendance

  • mdeslaur
  • sbeattie
  • jjohansen
  • sarnold
  • chrisccoulson
  • leosilva
  • ratliff
  • msalvatore
  • ebarretto

Not present

  • jdstrand
  • amurray

Agenda

  • Announcements
    • Generalist role rotation
      • CVE Triage: amurray, Bug Triage: mdeslaur, Community: leosilva, Happy Place: barretto, msalvatore, sarnold, ratliff, sbeattie
    • We welcome Mike Salvatore and Eduardo Barretto to the Ubuntu Security Team today! Welcome Mike and Eduardo! We are thrilled that you are joining us to help continue improving security for Ubuntu users!

    • Ubuntu Security Team is hiring

  • Weekly stand-up report (each member discusses any pending and planned future work for the week)
    • mdeslaur
      • clamav update
      • if possible, mysql update
      • security updates
    • sbeattie
      • intel-microcode updates
      • internal tasks
    • jjohansen
      • LSS-EU program committee duties
      • review mjg's network labeling patch

      • AppArmor feature work

    • sarnold
      • MIRs
        • xdg-desktop-portal

      • DebConf presentaton

    • ChrisCoulson

      • thunderbird 60 updates

      • AppArmor audit

      • embargoed issue
    • ratliff
      • embargoed and internal work
    • leosilva
      • mutt update publication
      • python-cryptography updates
      • security updates
    • msalvatore
      • ant update
    • ebarretto
      • onboarding tasks
  • Highlighted packages

    The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. See the available merges and SecurityTeam/UpdateProcedures for details on preparing Ubuntu security updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see SecurityTeam/GettingInvolved.

  • Miscellaneous and Questions
    • tsimonq2 asked where the highlighted packages went. A: We stopped publishing a list of highlighted packages because Debian merges were seen as more likely to succeed and known to be needed.

    • tsimonq2 commented that QtWebEngine needs an update for its embedded Chromium. Discussion deferred to #ubuntu-hardened.

Log

http://ubottu.com/meetingology/logs/ubuntu-meeting/2018/ubuntu-meeting.2018-07-23-16.31.moin.txt

MeetingLogs/Security/20180730 (last edited 2018-07-30 17:52:47 by emilyr)