20180813
3372
Comment:
|
2099
|
Deletions are marked like this. | Additions are marked like this. |
Line 1: | Line 1: |
## page was copied from MeetingLogs/Security/20170612 ## page was renamed from MeetingLogs/Security/20170605 |
|
Line 5: | Line 3: |
* '''When''': Mon June 12th 2017 16:36 UTC * '''End''': 16:57 UTC |
* '''When''': Mon Jun 25 16:31:11 2018 UTC * '''End''': 16:45:09 |
Line 8: | Line 6: |
* '''Chaired By''': Tyler Hicks (tyhicks) | * '''Chaired By''': Emily Ratliff (ratliff) |
Line 12: | Line 10: |
{{{#!wiki comment | |
Line 13: | Line 12: |
}}} | |
Line 14: | Line 14: |
* tyhicks | {{{#!wiki comment |
Line 16: | Line 16: |
}}} | |
Line 18: | Line 19: |
* leosilva | |
Line 19: | Line 21: |
* leosilva | |
Line 22: | Line 23: |
* None | {{{#!wiki comment }}} * mdeslaur * jjohansen * amurray |
Line 26: | Line 31: |
* Balint Reczey (rbalint) provided debdiffs for xenial-zesty for kodi (LP: #Bug:1694249) * Balint Reczey (rbalint) provided debdiffs for trusty-zesty for wireshark (LP: #Bug:1397091) * Gianfranco Costamagna (!LocutusOfBorg) provided debdiffs for trusty-zesty for ettercap (LP: #Bug:1695722) * leosilva has joined the Ubuntu Security Team |
* Generalist role rotation * CVE Triage: ratliff, Bug Triage: sbeattie, Community: mdeslaur, Happy Place: leosilva, sarnold * We welcome Alex Murray to the Ubuntu Security Team today! Welcome Alex, we are thrilled that you are joining us to help continue improving security for Ubuntu users! * Ubuntu Security Team [[https://grnh.se/8c0a6c1f1|is hiring]] |
Line 32: | Line 37: |
* PR reviews for fixing racy profile generation * bpf caching * system-key * respond to greengrass-support interface feedback * iterate on the policy once a devmode snap is available * password-manager-service interface PR * finish overlayfs/apparmor/snaps investigation * file overlay/apparmor bugs * snappy-debug work * fix to work with journald * miscellaneous snappy policy updates PR |
* snapd PR reviews * adjust snap-confine to always use a device cgroup * follow up on unsquashfs issue (ie, work on re-enabling resquashfs enforcement * pick up review-tools snap USNs phase1/part ii work as have time {{{#!wiki comment |
Line 44: | Line 43: |
* weekly role: community * gnutls updates * libiberty updates * additional security updates as time allows |
* massive imagemagick update * security updates }}} |
Line 49: | Line 47: |
* weekly role: bug Triage * embargoed issue * sudo update * add UCT tracking for some new kernels * tyhicks * weekly role: CVE triage * !eCryptfs patch review (userspace and kernel) * fscrypto evaluation * seccomp patches |
* kernel signoffs and fix kernel qrt test failures * finish the conversion of the cve-tracker to git * internal task {{{#!wiki comment |
Line 59: | Line 52: |
* upstream linux-security-module reviews * new revision of LSM stacking patches * path based LSM changes from Tetsuo * LSS program committee duties * work with SUSE regarding the AppArmor patches for 4.13 kernel * !AppArmor kernel patch upstreaming * start preparing patches for 4.14 |
* apparmor pull request for 4.18. * work on apparmor 3.0 release }}} |
Line 67: | Line 56: |
* weekly role: happy place * xdelta3 mir * gdm3 mir * !AppArmor patch review to support jjohansen's upstreaming work |
* MIRs * fprintd * profiling some pcp daemons |
Line 72: | Line 60: |
* Firefox updates * sponsor chromium-browser updates * embargoed issues |
* rust 1.27 * firefox updates |
Line 76: | Line 63: |
* weekly role: happy place * Ubuntu Core 15 updates * CVE notifications |
* embargoed and internal work |
Line 80: | Line 65: |
* new employee tasks | * openSSL USN * security updates |
Line 82: | Line 68: |
The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. The highlighted packages for this week are: | |
Line 85: | Line 70: |
* none | * None |
Line 88: | Line 73: |
Logs available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2017/ubuntu-meeting.2017-06-12-16.36.moin.txt | http://ubottu.com/meetingology/logs/ubuntu-meeting/2018/ubuntu-meeting.2018-06-25-16.31.moin.txt |
Meeting
Who: SecurityTeam
When: Mon Jun 25 16:31:11 2018 UTC
End: 16:45:09
Where: #ubuntu-meeting on irc.freenode.net
Chaired By: Emily Ratliff (ratliff)
Attendance
- jdstrand
- sbeattie
- sarnold
- chrisccoulson
- leosilva
- ratliff
Not present
- mdeslaur
- jjohansen
- amurray
Agenda
- Announcements
- Generalist role rotation
- CVE Triage: ratliff, Bug Triage: sbeattie, Community: mdeslaur, Happy Place: leosilva, sarnold
- We welcome Alex Murray to the Ubuntu Security Team today! Welcome Alex, we are thrilled that you are joining us to help continue improving security for Ubuntu users!
Ubuntu Security Team is hiring
- Generalist role rotation
- Weekly stand-up report (each member discusses any pending and planned future work for the week)
- jdstrand
- snapd PR reviews
- adjust snap-confine to always use a device cgroup
- follow up on unsquashfs issue (ie, work on re-enabling resquashfs enforcement
- pick up review-tools snap USNs phase1/part ii work as have time
- sbeattie
- kernel signoffs and fix kernel qrt test failures
- finish the conversion of the cve-tracker to git
- internal task
- sarnold
- MIRs
- fprintd
- profiling some pcp daemons
- MIRs
ChrisCoulson
- rust 1.27
- firefox updates
- ratliff
- embargoed and internal work
- leosilva
- openSSL USN
- security updates
- jdstrand
- Highlighted packages
The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. See the available merges and SecurityTeam/UpdateProcedures for details on preparing Ubuntu security updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see SecurityTeam/GettingInvolved.
- Miscellaneous and Questions
- None
Log
http://ubottu.com/meetingology/logs/ubuntu-meeting/2018/ubuntu-meeting.2018-06-25-16.31.moin.txt
MeetingLogs/Security/20180813 (last edited 2018-08-13 17:00:00 by emilyr)