== Security Team Weekly Summary for 30 June 2017 ==

The [[SecurityTeam|Security Team]] weekly reports are intended to be very short summaries of the Security Team's weekly activities. 

If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at: ubuntu-hardened@lists.ubuntu.com

During the last week, the Ubuntu Security team:
 * Triaged 163 public security vulnerability reports, retaining the 66 that applied to Ubuntu.
 * Published 12 Ubuntu Security Notices which fixed 22 security issues (CVEs) across 12 supported packages.

=== Ubuntu Security Notices ===
 * [[https://www.ubuntu.com/usn/usn-3340-1|[USN-3340-1] Apache HTTP Server vulnerabilities ]]
 * [[https://www.ubuntu.com/usn/usn-3341-1|[USN-3341-1] Systemd vulnerability ]]
 * [[https://www.ubuntu.com/usn/usn-3342-1|[USN-3342-1] Linux kernel vulnerabilities ]]
 * [[https://www.ubuntu.com/usn/usn-3343-1|[USN-3343-1] Linux kernel vulnerabilities ]]
 * [[https://www.ubuntu.com/usn/usn-3344-1|[USN-3344-1] Linux kernel vulnerabilities ]]
 * [[https://www.ubuntu.com/usn/usn-3344-2|[USN-3344-2] Linux kernel (Xenial HWE) vulnerabilities ]]
 * [[https://www.ubuntu.com/usn/usn-3345-1|[USN-3345-1] Linux kernel vulnerabilities ]]
 * [[https://www.ubuntu.com/usn/usn-3338-2|[USN-3338-2] Linux kernel regression ]]
 * [[https://www.ubuntu.com/usn/usn-3343-2|[USN-3343-2] Linux kernel (Trusty HWE) vulnerabilities ]]
 * [[https://www.ubuntu.com/usn/usn-3323-2|[USN-3323-2] GNU C Library vulnerability ]]
 * [[https://www.ubuntu.com/usn/usn-3342-2|[USN-3342-2] Linux kernel (HWE) vulnerabilities ]]
 * [[https://www.ubuntu.com/usn/usn-3346-1|[USN-3346-1] bind9 vulnerabilities ]]

=== Bug Triage ===
 * Backlog: https://bugs.launchpad.net/~ubuntu-security/+subscribedbugs

=== Mainline Inclusion Requests ===
 * gdm3 underway (LP: #Bug:1686393)
 * MIR backlog: https://bugs.launchpad.net/~ubuntu-security/+assignedbugs?field.searchtext=%5BMIR%5D

=== Updates to Community Supported Packages ===
 * Otto Kekäläinen (otto) provided updates for trusty for mariadb-5.5 (LP: #Bug:1698689) 

=== Weekly Meeting ===
 * Log: https://wiki.ubuntu.com/MeetingLogs/Security/20170626
 * Info: https://wiki.ubuntu.com/SecurityTeam/Meeting

=== What the Security Team is Reading This Week ===
 * [[https://eprint.iacr.org/2017/627.pdf | Sliding Right Into Disaster ]]
 * [[https://www.infosecurity-magazine.com/news/passwords-from-brain-waves/ | Recovering Passwords From Brainwaves ]]

=== More Info ===
 * [[http://people.canonical.com/~ubuntu-security/cve/| Ubuntu CVE Tracker]]
 * [[https://www.ubuntu.com/usn/| Ubuntu security notices]]
 * [[https://www.twitter.com/ubuntu_sec| Follow Ubuntu Security on Twitter]]
 * [[https://wiki.ubuntu.com/SecurityTeam/GettingInvolved| How to help improve Ubuntu security ]]