20171027
Security Team Weekly Summary for 27 October 2017
The Security Team weekly reports are intended to be very short summaries of the Security Team's weekly activities.
If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at: ubuntu-hardened@lists.ubuntu.com
During the last week, the Ubuntu Security team:
- Triaged 268 public security vulnerability reports, retaining the 40 that applied to Ubuntu.
- Published 16 Ubuntu Security Notices which fixed 66 security issues (CVEs) across 16 supported packages.
Ubuntu Security Notices
Bug Triage
Mainline Inclusion Requests
spice-vdagent underway (LP: #1200296)
MIR backlog: https://bugs.launchpad.net/~ubuntu-security/+assignedbugs?field.searchtext=%5BMIR%5D
Development
Participated in online Enabling AppArmor by default in Debian Sprint
- Refreshed fscrypt package for bionic, tested in a bionic VM, and uploaded it to bionic (pending approval)
Created preliminary ssh and gpg keys interfaces PR 4100
Investigated, prepared, tested, and submitted snap-confine apparmor fix PR 4098 and policy-updates-xxxi PR 4097
- Updated snappy-debug to suggest snapcraft preload plugin, tested and got it to stable
Set up https://gitlab.com/apparmor
What the Security Team is Reading This Week
Weekly Meeting