20180730

Differences between revisions 83 and 84
Revision 83 as of 2018-03-19 14:44:20
Size: 2722
Editor: tyhicks
Comment:
Revision 84 as of 2018-03-19 16:57:35
Size: 2467
Editor: tyhicks
Comment:
Deletions are marked like this. Additions are marked like this.
Line 2: Line 2:
== Meeting (DRAFT) == == Meeting ==
Line 4: Line 4:
 * '''When''': Mon Mar 9th 2018 16:30 UTC
 * '''End''': 16:53 UTC		  * '''When''': Mon Mar 19th 2018 16:38 UTC
 * '''End''': 16:56:40
Line 31: Line 31:
   * email catchup
Line 32: Line 33:
    * 18.04 desktop priorities
Line 35: Line 37:
   * stric mode snaps on livecd
   * miscellaneous policy investigations and updates
   * prepare for sprint
   * lxd snap regression wrt confinement
   * create screencast interface		    * process/prioritize sprint outcomes
Line 41: Line 39:
   * sensible-utils updates
   * embargoed issue		    * php updates
   * security updates
Line 44: Line 42:
   * final testing of enabling retpoline by default in 18.04
    * gcc-8, gcc-7, gcc-6, and gcc-5
   * add the documentation bits to a patch to hardening retpoline options to dpkg, to support hardening=[+-]retpoline and submit to debian		    * paramiko updates
   * openjdk updates
Line 48: Line 45:
   * kernel CVE triage
Line 49: Line 47:
   * address issues found in the new USN website once it goes live
   * finalize LSM stacking demo
   * embargoed issue
   * involved in the retpoline by default discussions/, uploads, etc.		    * merge apparmor 2.12-4 from Debian
   * upload apparmor 2.12-4ubuntu1 to Bionic
    * fix autopkgtest issues in other source packages
   * internal documentation
Line 55: Line 53:
    * target domain name bug
    * stacking bug for px transitions		     * LXD issue with apparmor: https://github.com/lxc/lxd/issues/4340
    * follow up on dangling symlinks apparmorfs issue: https://bugs.launchpad.net/bugs/1755563
Line 58: Line 56:
   * !AppArmor community meeting
Line 60: Line 57:
   * !AppArmor patch review
   * brotli MIR
   * respond to openjpeg2 bugs stemming from MIR review		    * MIRs
    * uvloop
Line 64: Line 60:
   * firefox updates
   * ubuntu-drivers-common updates		    * rust/cargo updates
   * thunderbird updates
Line 67: Line 63:
   * investigate gcc-6.4 and nodejs build deps for firefox
   * embargoed issues
   * internal issue
Line 74: Line 73:
   * qpdf updates
   * additional security updates		    * security updates
Line 82: Line 80:
Logs available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2018/ubuntu-meeting.2018-02-26-16.33.moin.txt Logs available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2018/ubuntu-meeting.2018-03-19-16.38.moin.txt

Meeting

  • Who: SecurityTeam

  • When: Mon Mar 19th 2018 16:38 UTC

  • End: 16:56:40

  • Where: #ubuntu-meeting on irc.freenode.net

  • Chaired By: Tyler Hicks (tyhicks)

Attendance

  • jdstrand
  • mdeslaur
  • sbeattie
  • tyhicks
  • jjohansen
  • sarnold
  • chrisccoulson
  • leosilva

Not present

  • ratliff

Agenda

  • Announcements
    • Generalist role rotation
      • CVE Triage: sarnold, Bug Triage: ratliff, Community: sbeattie, Happy Place: mdeslaur, leosilva

  • Simon Deziel provided debdiffs for xenial-artful for tor (LP: #1731698)

  • Philip Rinn provided a debdiff for artful for qtpass (LP: #1747954)

  • Emmet Hikory (persia) provided debdiffs for xenial-artful for mosquitto (LP: #1752591)

  • Weekly stand-up report (each member discusses any pending and planned future work for the week)
    • jdstrand
      • email catchup
      • snapd PR reviews
        • 18.04 desktop priorities
        • layouts
        • portals
        • steam-support interface
      • process/prioritize sprint outcomes
    • mdeslaur
      • php updates
      • security updates
    • sbeattie
      • paramiko updates
      • openjdk updates
      • gcc retpoline backports for 12.04 ESM
      • kernel CVE triage
    • tyhicks
      • merge apparmor 2.12-4 from Debian
      • upload apparmor 2.12-4ubuntu1 to Bionic
        • fix autopkgtest issues in other source packages
      • internal documentation
    • jjohansen
    • sarnold
      • MIRs
        • uvloop

    • ChrisCoulson

      • rust/cargo updates
      • thunderbird updates

      • AppArmor auditing changes

      • investigate gcc-6.4 and nodejs build deps for firefox
      • embargoed issues
      • internal issue
    • leosilva
      • security updates
  • Highlighted packages

    The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. See the available merges and SecurityTeam/UpdateProcedures for details on preparing Ubuntu security updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see SecurityTeam/GettingInvolved.

  • Miscellaneous and Questions
    • None

Log

Logs available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2018/ubuntu-meeting.2018-03-19-16.38.moin.txt

MeetingLogs/Security/20180730 (last edited 2018-07-30 17:52:47 by emilyr)