== Security Team Weekly Summary for 16 June 2017 == The [[SecurityTeam|Security Team]] weekly reports are intended to be very short summaries of the Security Team's weekly activities. If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at: ubuntu-hardened@lists.ubuntu.com During the last week, the Ubuntu Security team: * Triaged 327 public security vulnerability reports, retaining the 81 that applied to Ubuntu. * Published 5 Ubuntu Security Notices which fixed 33 security issues (CVEs) across 6 supported packages. === Ubuntu Security Notices === * [[https://www.ubuntu.com/usn/usn-3317-1|[USN-3317-1] Irssi vulnerabilities ]] * [[https://www.ubuntu.com/usn/usn-3318-1|[USN-3318-1] GnuTLS vulnerabilities ]] * [[https://www.ubuntu.com/usn/usn-3315-1|[USN-3315-1] Firefox vulnerabilities ]] * [[https://www.ubuntu.com/usn/usn-3319-1|[USN-3319-1] libmwaw vulnerability ]] * [[https://www.ubuntu.com/usn/usn-3320-1|[USN-3320-1] zziplib vulnerabilities ]] === Bug Triage === * Backlog: https://bugs.launchpad.net/~ubuntu-security/+subscribedbugs === Mainline Inclusion Requests === * xdelta3 review complete (LP: #Bug:1647222) * gdm3 underway (LP: #Bug:1686393) * MIR backlog: https://bugs.launchpad.net/~ubuntu-security/+assignedbugs?field.searchtext=%5BMIR%5D === Updates to Community Supported Packages === * Thanks to Chris Dunlap for providing a patch for munge (LP: #Bug:1287624) === Fake syncs === "Fake syncs" are security updates for community supported packages which are sync'd across from Debian with no changes, rebuilt in Launchpad and then released. * libosip2 * tnef === Development === * AppArmor pull request for 4.13 submitted http://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1418556.html === Weekly Meeting === * Log: https://wiki.ubuntu.com/MeetingLogs/Security/20170612 * Info: https://wiki.ubuntu.com/SecurityTeam/Meeting === More Info === * [[http://people.canonical.com/~ubuntu-security/cve/| Ubuntu CVE Tracker]] * [[https://www.ubuntu.com/usn/| Ubuntu security notices]] * [[https://www.twitter.com/ubuntu_sec| Follow Ubuntu Security on Twitter]] * [[https://wiki.ubuntu.com/SecurityTeam/GettingInvolved| How to help improve Ubuntu security ]]