20180604
|
Size: 2797
Comment:
|
Size: 2467
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 4: | Line 4: |
| * '''When''': Mon Feb 26th 2018 16:33 UTC * '''End''': 16:53 UTC |
* '''When''': Mon Mar 19th 2018 16:38 UTC * '''End''': 16:56:40 |
| Line 14: | Line 14: |
| * jjohansen | |
| Line 15: | Line 16: |
| * ratliff | * chrisccoulson |
| Line 19: | Line 20: |
| * jjohansen * chrisccoulson |
* ratliff |
| Line 25: | Line 25: |
| * CVE Triage: mdeslaur, Bug Triage: leosilva, Community: sarnold, Happy Place: ratliff, sbeattie * An all new version of the [[https://usn.ubuntu.com|USN website]] will be deployed today * Please [[https://github.com/canonical-websites/usn.ubuntu.com/issues/|report a bug]] for any issue that you discover * Simon Deziel (sdeziel) provided a debdiff for artful for unbound (LP: #Bug:1723900) |
* CVE Triage: sarnold, Bug Triage: ratliff, Community: sbeattie, Happy Place: mdeslaur, leosilva * Simon Deziel provided debdiffs for xenial-artful for tor (LP: #Bug:1731698) * Philip Rinn provided a debdiff for artful for qtpass (LP: #Bug:1747954) * Emmet Hikory (persia) provided debdiffs for xenial-artful for mosquitto (LP: #Bug:1752591) |
| Line 31: | Line 31: |
| * email catchup | |
| Line 32: | Line 33: |
| * 18.04 desktop priorities | |
| Line 35: | Line 37: |
| * stric mode snaps on livecd * miscellaneous policy investigations and updates * prepare for sprint * lxd snap regression wrt confinement * create screencast interface |
* process/prioritize sprint outcomes |
| Line 41: | Line 39: |
| * sensible-utils updates * embargoed issue |
* php updates * security updates |
| Line 44: | Line 42: |
| * final testing of enabling retpoline by default in 18.04 * gcc-8, gcc-7, gcc-6, and gcc-5 * add the documentation bits to a patch to hardening retpoline options to dpkg, to support hardening=[+-]retpoline and submit to debian |
* paramiko updates * openjdk updates |
| Line 48: | Line 45: |
| * kernel CVE triage | |
| Line 49: | Line 47: |
| * address issues found in the new USN website once it goes live * finalize LSM stacking demo * embargoed issue * involved in the retpoline by default discussions/, uploads, etc. {{{#!wiki comment |
* merge apparmor 2.12-4 from Debian * upload apparmor 2.12-4ubuntu1 to Bionic * fix autopkgtest issues in other source packages * internal documentation |
| Line 56: | Line 53: |
| * target domain name bug * stacking bug for px transitions |
* LXD issue with apparmor: https://github.com/lxc/lxd/issues/4340 * follow up on dangling symlinks apparmorfs issue: https://bugs.launchpad.net/bugs/1755563 |
| Line 59: | Line 56: |
| * !AppArmor community meeting }}} |
|
| Line 62: | Line 57: |
| * !AppArmor patch review * brotli MIR * respond to openjpeg2 bugs stemming from MIR review |
* MIRs * uvloop * !ChrisCoulson * rust/cargo updates * thunderbird updates * !AppArmor auditing changes * investigate gcc-6.4 and nodejs build deps for firefox * embargoed issues * internal issue |
| Line 66: | Line 67: |
| * !ChrisCoulson * firefox updates * ubuntu-drivers-common updates * !AppArmor auditing changes }}} |
|
| Line 75: | Line 71: |
| }}} | |
| Line 76: | Line 73: |
| * qpdf updates * additional security updates |
* security updates |
| Line 84: | Line 80: |
| Logs available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2018/ubuntu-meeting.2018-02-26-16.33.moin.txt | Logs available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2018/ubuntu-meeting.2018-03-19-16.38.moin.txt |
Meeting
Who: SecurityTeam
When: Mon Mar 19th 2018 16:38 UTC
End: 16:56:40
Where: #ubuntu-meeting on irc.freenode.net
Chaired By: Tyler Hicks (tyhicks)
Attendance
- jdstrand
- mdeslaur
- sbeattie
- tyhicks
- jjohansen
- sarnold
- chrisccoulson
- leosilva
Not present
- ratliff
Agenda
- Announcements
- Generalist role rotation
- CVE Triage: sarnold, Bug Triage: ratliff, Community: sbeattie, Happy Place: mdeslaur, leosilva
- Generalist role rotation
Simon Deziel provided debdiffs for xenial-artful for tor (LP: #1731698)
Philip Rinn provided a debdiff for artful for qtpass (LP: #1747954)
Emmet Hikory (persia) provided debdiffs for xenial-artful for mosquitto (LP: #1752591)
- Weekly stand-up report (each member discusses any pending and planned future work for the week)
- jdstrand
- email catchup
- snapd PR reviews
- 18.04 desktop priorities
- layouts
- portals
- steam-support interface
- process/prioritize sprint outcomes
- mdeslaur
- php updates
- security updates
- sbeattie
- paramiko updates
- openjdk updates
- gcc retpoline backports for 12.04 ESM
- kernel CVE triage
- tyhicks
- merge apparmor 2.12-4 from Debian
- upload apparmor 2.12-4ubuntu1 to Bionic
- fix autopkgtest issues in other source packages
- internal documentation
- jjohansen
AppArmor bugs
LXD issue with apparmor: https://github.com/lxc/lxd/issues/4340
follow up on dangling symlinks apparmorfs issue: https://bugs.launchpad.net/bugs/1755563
- update bionic LSM stacking patches with the latest upstream revision
- sarnold
- MIRs
- uvloop
- MIRs
ChrisCoulson
- rust/cargo updates
- thunderbird updates
AppArmor auditing changes
- investigate gcc-6.4 and nodejs build deps for firefox
- embargoed issues
- internal issue
- leosilva
- security updates
- jdstrand
- Highlighted packages
The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. See the available merges and SecurityTeam/UpdateProcedures for details on preparing Ubuntu security updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see SecurityTeam/GettingInvolved.
- Miscellaneous and Questions
- None
Log
Logs available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2018/ubuntu-meeting.2018-03-19-16.38.moin.txt
MeetingLogs/Security/20180604 (last edited 2018-06-04 17:41:32 by emilyr)