20180223
Security Team Weekly Summary for 23 February 2018
The Security Team weekly reports are intended to be very short summaries of the Security Team's weekly activities.
If you would like to reach the Security Team, you can find us at the #ubuntu-hardened channel on FreeNode. Alternatively, you can mail the Ubuntu Hardened mailing list at: ubuntu-hardened@lists.ubuntu.com
During the last week, the Ubuntu Security team:
- Triaged 202 public security vulnerability reports, retaining the 32 that applied to Ubuntu.
- Published 14 Ubuntu Security Notices which fixed 51 security issues (CVEs) across 17 supported packages.
Ubuntu Security Notices
Bug Triage
Mainline Inclusion Requests
openjpeg2 (LP: #711061) paused
brotli (LP: #1737053) underway
MIR backlog: https://bugs.launchpad.net/~ubuntu-security/+assignedbugs?field.searchtext=%5BMIR%5D
Updates to Community Supported Packages
Simon Deziel (sdeziel) provided a debdiff for artful for unbound (LP: #1723900)
Development
- snap review tools updates
- PR 4733, 4734 and 4736 for screen-inhibit-control and network-status policy bugs
- verified audit SRU
work AppArmor reload issue (LP: #1750594)
- reviews
- PR 1945 - elf: clear execstack by default
- PR 4720 - add xdg-desktop-portal support to desktop interface
What the Security Team is Reading This Week
When Textbook RSA is Used to Protect the Privacy of Hundreds of Millions of Users
The Woman Who Smashed Codes A True Story of Love, Spies, and the Unlikely Heroine Who Outwitted America's Enemies by Jason Fagone
Weekly Meeting
- There was no weekly meeting last week due to a U. S. holiday.
More Info
SecurityTeam/WeeklyReports/20180223 (last edited 2018-02-26 16:05:48 by emilyr)