20181001

Meeting

  • Who: SecurityTeam

  • When: Mon Oct 1 16:32:11 2018 UTC

  • End: Mon Oct 1 16:54:40 2018 UTC

  • Where: #ubuntu-meeting on irc.freenode.net

  • Chaired By: Jamie Strandboge (jdstrand)

Attendance

  • jdstrand
  • mdeslaur
  • sbeattie
  • jjohansen
  • sarnold
  • chrisccoulson
  • leosilva
  • msalvatore
  • ebarretto
  • joemcmanus

Not present

  • amurray

Agenda

  • Announcements

    • First off, I'd like to warmly welcome joemcmanus to the team as our new security team manager. Glad to have you Joe! Smile :)

    • Generalist role rotation
      • CVE Triage: msalvatore (ebarretto), Bug Triage: sarnold, Community: sbeattie, Happy Place: amurray, mdeslaur, leosilva, ebarretto
    • The Ubuntu Security Team is hiring!
  • Weekly stand-up report (each member discusses any pending and planned future work for the week)
    • jdstrand
      • continue brand store snap declarations
      • continue kubernetes-support interfaces
      • various snapd PR reviews
      • iterate on docker PRs
      • embargoed issue
    • mdeslaur
      • ghostscript update
      • embargoed issue
      • additional reactive updates
    • sbeattie
      • kernel updates went out, so USN publications now
      • imagemagick updates
      • toolchain hardening options for cosmic+1
    • jjohansen
      • apparmor items for 4.20 pull request: mjg secmark patch, kernel_t label for kernel network tasks, no new privs work
      • LSM stacking patches
      • 2.10.4, 2.11.2, 2.12.1, 2.13.1 stable releases of apparmor
    • sarnold
      • xdg-desktop-portal-gtk
      • go down the MIR list
      • apparmor patch reviews as needed
    • !chrisccoulson
      • sponsored firefox update
      • embargoed update
      • libssh2 MIR
    • leosilva
      • liblouis update
      • go down the list
    • msalvatore
      • very short week so only focusing on CVE triage
    • ebarretto
      • opencv update
      • monit update
      • libav
    • joemcmanus
  • Highlighted packages

    The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. See the available merges and SecurityTeam/UpdateProcedures for details on preparing Ubuntu security updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see SecurityTeam/GettingInvolved.

  • Miscellaneous and Questions

Log

http://ubottu.com/meetingology/logs/ubuntu-meeting/2018/ubuntu-meeting.2018-10-01-16.32.moin.txt

MeetingLogs/Security/20181001 (last edited 2018-10-01 16:55:09 by jdstrand)