20181015
2515
Comment:
|
← Revision 7 as of 2018-10-16 14:51:39 ⇥
3079
|
Deletions are marked like this. | Additions are marked like this. |
Line 1: | Line 1: |
## page was copied from MeetingLogs/Security/20181001 == Meeting (DRAFT) == |
== Meeting == |
Line 4: | Line 3: |
* '''When''': Mon Oct 1 16:32:11 2018 UTC * '''End''': Mon Oct 1 16:54:40 2018 UTC |
* '''When''': Mon Oct 15 17:00:44 2018 UTC * '''End''': Mon Oct 15 17:18:44 2018 UTC |
Line 7: | Line 6: |
* '''Chaired By''': Jamie Strandboge (jdstrand) | * '''Chaired By''': Joe McManus (joemcmanus) |
Line 30: | Line 29: |
* First off, I'd like to warmly welcome joemcmanus to the team as our new security team manager. Glad to have you Joe! :) | * SLC Sprint next week, Jamie & Joe out of office |
Line 32: | Line 31: |
* Thanks | |
Line 35: | Line 33: |
* CVE Triage: msalvatore (ebarretto), Bug Triage: sarnold, Community: sbeattie, Happy Place: amurray, mdeslaur, leosilva, ebarretto | * CVE Triage: leosilva, Bug Triage: ebarreto, Community: msalvatore, Happy Place: the rest :) |
Line 40: | Line 38: |
* continue brand store snap declarations * continue kubernetes-support interfaces * various snapd PR reviews * iterate on docker PRs * embargoed issue {{{#!wiki comment |
{{{#!wiki comment |
Line 48: | Line 41: |
* jdstrand * fix bug in snapd wrt system-key and calculating apparmor parser features * respond to feedback for recently pushed kubernetes policy updates * continue on brand store declarations * product roadmap sprint prep |
|
Line 49: | Line 47: |
* ghostscript update * embargoed issue * additional reactive updates |
* short week * net-snmp updates * test the ppp updates * additional updates as time allows |
Line 53: | Line 52: |
* kernel updates went out, so USN publications now * imagemagick updates * toolchain hardening options for cosmic+1 |
* kernel signoffs and some re-triage * investigate toolchain updates for cosmic+1 * apparmor reviews |
Line 57: | Line 56: |
* apparmor items for 4.20 pull request: mjg secmark patch, kernel_t label for kernel network tasks, no new privs work * LSM stacking patches * 2.10.4, 2.11.2, 2.12.1, 2.13.1 stable releases of apparmor |
* finish the apparmor releases, which includes rolling out a 2.13.2 emergency release because initscripts are broken on suse and debian. * more LSM stacking review and work on the ubuntu patchset * refresh and get an RFC out for the NS LSM hook patchset this week * LSS-EU presentation * nnp changes so I can get back to Eric with them * audit/prompting work and apparmor 3.0 userspace as time allows |
Line 61: | Line 63: |
* xdg-desktop-portal-gtk * go down the MIR list * apparmor patch reviews as needed |
* oath-toolkit mir * aa patch reviews as jj asks for them * additional MIRs as time allows * file a few bug reports from the previous MIRs as time allows |
Line 65: | Line 68: |
* sponsored firefox update * embargoed update |
* thunderbird 60.2.1 publication. Now ready to hand over to the desktop team * firefox sponsored upload from desktop team |
Line 69: | Line 72: |
* liblouis update * go down the list |
* cve triage this week * attend python brasil event * moin update. * additional cves/pkgs to update as time allows |
Line 72: | Line 77: |
* very short week so only focusing on CVE triage | * community this week * wireshark, version 2.6.1 for trusty, xenial, and bionic went out today * update look and feel for the ubuntu cve tracker * resolve some universe CVEs as time allows |
Line 74: | Line 82: |
* opencv update * monit update * libav |
* bug triage this week * tomcat6 update (trusty and xenial) * tomcat7 as time permits * continue retriaging CVEs |
Line 78: | Line 87: |
* Plan for SLC * Web page update planning * 1:1 with team * Security role phone screens |
|
Line 81: | Line 94: |
== Log == http://ubottu.com/meetingology/logs/ubuntu-meeting/2018/ubuntu-meeting.2018-10-01-16.32.moin.txt |
Meeting
Who: SecurityTeam
When: Mon Oct 15 17:00:44 2018 UTC
End: Mon Oct 15 17:18:44 2018 UTC
Where: #ubuntu-meeting on irc.freenode.net
Chaired By: Joe McManus (joemcmanus)
Attendance
- jdstrand
- mdeslaur
- sbeattie
- jjohansen
- sarnold
- chrisccoulson
- leosilva
- msalvatore
- ebarretto
- joemcmanus
Not present
- amurray
Agenda
- Announcements
SLC Sprint next week, Jamie & Joe out of office
- Generalist role rotation
CVE Triage: leosilva, Bug Triage: ebarreto, Community: msalvatore, Happy Place: the rest
- The Ubuntu Security Team is hiring!
Ubuntu Security engineer: https://boards.greenhouse.io/canonical/jobs/1158266?t=8c0a6c1f1
- Weekly stand-up report (each member discusses any pending and planned future work for the week)
- jdstrand
- jdstrand
- fix bug in snapd wrt system-key and calculating apparmor parser features
- respond to feedback for recently pushed kubernetes policy updates
- continue on brand store declarations
- product roadmap sprint prep
- mdeslaur
- short week
- net-snmp updates
- test the ppp updates
- additional updates as time allows
- sbeattie
- kernel signoffs and some re-triage
- investigate toolchain updates for cosmic+1
- apparmor reviews
- jjohansen
- finish the apparmor releases, which includes rolling out a 2.13.2 emergency release because initscripts are broken on suse and debian.
- more LSM stacking review and work on the ubuntu patchset
- refresh and get an RFC out for the NS LSM hook patchset this week
- LSS-EU presentation
- nnp changes so I can get back to Eric with them
- audit/prompting work and apparmor 3.0 userspace as time allows
- sarnold
- oath-toolkit mir
- aa patch reviews as jj asks for them
- additional MIRs as time allows
- file a few bug reports from the previous MIRs as time allows
- !chrisccoulson
- thunderbird 60.2.1 publication. Now ready to hand over to the desktop team
- firefox sponsored upload from desktop team
- libssh2 MIR
- leosilva
- cve triage this week
- attend python brasil event
- moin update.
- additional cves/pkgs to update as time allows
- msalvatore
- community this week
- wireshark, version 2.6.1 for trusty, xenial, and bionic went out today
- update look and feel for the ubuntu cve tracker
- resolve some universe CVEs as time allows
- ebarretto
- bug triage this week
- tomcat6 update (trusty and xenial)
- tomcat7 as time permits
- continue retriaging CVEs
- joemcmanus
- Plan for SLC
- Web page update planning
- 1:1 with team
- Security role phone screens
- Highlighted packages
The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. See the available merges and SecurityTeam/UpdateProcedures for details on preparing Ubuntu security updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see SecurityTeam/GettingInvolved.
- Miscellaneous and Questions
MeetingLogs/Security/20181015 (last edited 2018-10-16 14:51:39 by jdstrand)