Meeting

• Who: SecurityTeam

• When: Mon Aug 27 16:30:29 2018 UTC

• End: Mon Aug 27 16:44:53 2018 UTC

• Where: #ubuntu-meeting on irc.freenode.net

• Chaired By: Jamie Strandboge (jdstrand)

Attendance

• jdstrand
  • mdeslaur
• sbeattie
  • jjohansen
• sarnold
  • chrisccoulson
• leosilva
  • msalvatore
• ebarretto

Not present

• • list people here
• amurray
• mdeslaur
• jjohansen
• chrisccoulson
• msalvatore

Agenda

• Announcements
  • Thanks
  • Generalist role rotation
    • CVE Triage: leosilva, Bug Triage: ebarretto, Community: msalvatore, Happy Place: sarnold, sbeattie, amurray, mdeslaur

  • Thanks to Thomas Opfer for help on security updates for the community supported tomcat8 last week. This work is very much appreciated and will keep Ubuntu users secure. Great job!

  • The Ubuntu Security Team is hiring!

    • Ubuntu Security engineer: https://boards.greenhouse.io/canonical/jobs/1158266?t=8c0a6c1f1

    • Ubuntu Security manager: https://boards.greenhouse.io/canonical/jobs/1278287?t=8c0a6c1f1

  • Due to US holiday on September 3rd, the next meeting will be on September 10.
• Weekly stand-up report (each member discusses any pending and planned future work for the week)
  • jdstrand
    • continue brand store snap declarations
    • continue kubernetes-support interfaces
    • various snapd PR reviews (eg, anbox-support, et all)
    • iterate on audio-playback/record interfaces
  • amurray (not present; reported by jdstrand)
    • ceph update
    • internal work
    • move to another reactive update as time allows
    • mdeslaur
  • sbeattie
    • happy place
    • publishing intel-microcode updates
    • finish up some remaining kernel publications
    • sponsoring mariadb
    • pick up bind9 updates
    • other reactive updates as time allows
    • apparmor merges and investigate testcase failure in upstream apparmor
  • jjohansen (not present)
    • LSS attendance
  • sarnold
    • happy place, but finish community tasks from last week
    • get back to xdg-desktop-portal-gtk MIR
    • trip prepartation
    • review apparmor patches from John as time allows

    • ChrisCoulson

  • leosilva
    • cve triage
    • flask and poppler updates
    • msalvatore
  • ebarretto
    • bug triage
    • finished ffmpeg to ESM
    • pick another update
• Highlighted packages

  The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. See the available merges and SecurityTeam/UpdateProcedures for details on preparing Ubuntu security updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see SecurityTeam/GettingInvolved.

• Miscellaneous and Questions

Log

http://ubottu.com/meetingology/logs/ubuntu-meeting/2018/ubuntu-meeting.2018-08-27-16.30.moin.txt