== Security Team Weekly Summary for 29 September 2017 ==

||<tablestyle="float:right; font-size: 0.9em; width:30%; background:#F1F1ED; background-repeat: no-repeat; background-position:  98% 0.5ex; margin: 0 0 1em 1em; padding: 0.5em;"><<TableOfContents>>||

The [[SecurityTeam|Security Team]] weekly reports are intended to be very short summaries of the Security Team's weekly activities. 

If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at: ubuntu-hardened@lists.ubuntu.com

During the last week, the Ubuntu Security team:
 * Triaged 195 public security vulnerability reports, retaining the 38 that applied to Ubuntu.
 * Published 1 Ubuntu Security Notice which fixed 1 security issue (CVE) in 1 supported package.

=== Ubuntu Security Notices ===
 * [[https://www.ubuntu.com/usn/usn-3429-1|[USN-3429-1] Libplist vulnerability ]]

=== Bug Triage ===
 * Backlog: https://bugs.launchpad.net/~ubuntu-security/+subscribedbugs

=== Mainline Inclusion Requests ===
 * python-pyelftools completed (LP: #Bug:1630073)
 * MIR backlog: https://bugs.launchpad.net/~ubuntu-security/+assignedbugs?field.searchtext=%5BMIR%5D

=== Development ===
 * [[ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?h=v4.14-rc2&id=79444df4e7f03843be78e4b9188d095931648842 | AppArmor merge for 4.14 (rc2) ]]
 * [[ https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c0a3a64e723324ae6dda53214061a71de63808c3 | Seccomp merge for 4.14 (rc2) ]]

=== What the Security Team is Reading This Week ===
 * [[ http://www.icir.org/vern/papers/patch-study.ccs17.pdf|A Large-Scale Empirical Study of Security Patches]]
 * [[ http://www.radiolab.org/story/ceremony/ |The Ceremony]]

=== Weekly Meeting ===
 * There was no weekly meeting on 25 September because the entire team was attending the Ubuntu Rally.
 * Info: https://wiki.ubuntu.com/SecurityTeam/Meeting

=== More Info ===
 * [[http://people.canonical.com/~ubuntu-security/cve/| Ubuntu CVE Tracker]]
 * [[https://www.ubuntu.com/usn/| Ubuntu security notices]]
 * [[https://www.twitter.com/ubuntu_sec| Follow Ubuntu Security on Twitter]]
 * [[https://wiki.ubuntu.com/SecurityTeam/GettingInvolved| How to help improve Ubuntu security ]]