18:03:05 <jdstrand> #startmeeting
18:03:05 <meetingology> Meeting started Mon Jul 30 18:03:05 2012 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
18:03:05 <meetingology> 
18:03:05 <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired
18:03:09 <jdstrand> The meeting agenda can be found at:
18:03:10 <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
18:03:16 <jdstrand> [TOPIC] Announcements
18:03:29 <jdstrand> Thanks to bdrung for his help on security updates for the community supported vlc last week. Your work is very much appreciated and will keep Ubuntu users secure. Great job! :)
18:03:38 <jdstrand> [TOPIC] Review of any previous action items
18:03:54 <jdstrand> actually, don't have any of those
18:03:59 <jdstrand> [TOPIC] Weekly stand-up report
18:04:02 <jdstrand> I'll go first
18:04:11 <jdstrand> I'm in the happy place this week
18:04:20 <jdstrand> I've got to finish up community work from last week
18:04:34 <jdstrand> I've also been working almost exclusively on MIR audits
18:05:14 <jdstrand> I have a couple/few left, but it is slow going cause I need a functional openstack and that has proved elusive on quantal
18:05:45 <jdstrand> I should also get started on the hiring process for our open generalist position
18:06:25 <jdstrand> once my audits are done, I hope to dig into my webkit maintenance investigation
18:06:41 <jdstrand> and get back to my pending updates
18:06:47 <jdstrand> mdeslaur: you're next
18:09:57 <mdeslaur> whoops, sorry
18:10:02 <mdeslaur> I'm working on nss updates
18:10:11 <mdeslaur> and will pick something else from the list
18:10:17 <mdeslaur> I'm also on triage this week
18:10:30 <mdeslaur> that,s about it. sbeattie, you're up
18:10:39 <sbeattie> I'm in the happy place this week.
18:10:52 <sbeattie> I've got two embargoed issues on my plate
18:11:20 <sbeattie> I've also got a openstack issue that I need to test.
18:11:40 <sbeattie> Once I've cleared those, I'm planning to get back to the apparmor dbus stuff.
18:11:53 <sbeattie> I may also pick up another one from the list.
18:12:00 <sbeattie> That's it from me.
18:12:04 <sbeattie> micahg: you're up
18:13:05 <micahg> still working on webkit, will be taking back Mozilla pretesting from tyhicks, precise should be promoted to -updates/-security this week barring any issues (I haven't heard anyone scream yet)
18:13:47 <micahg> I guess that's it for me
18:13:59 <tyhicks> I'm handling community this week
18:14:27 <tyhicks> I'm currently working on some upstream auditd patches to disable network listening support. They should go out to the list today.
18:14:44 <jdstrand> micahg: what about the other releases? istr you saying those were going to hit this week
18:15:23 <micahg> jdstrand: yeah, hoping to drop oneiric and natty into proposed this week, going a little slower than I'd hoped
18:15:47 <jdstrand> micahg: but you've got a handle on it?
18:15:53 <micahg> jdstrand: yeah
18:15:57 <jdstrand> ok cool
18:16:10 <jdstrand> tyhicks: did you manage to talk to upstream auditd about the network stuff?
18:16:43 <tyhicks> jdstrand: No, but it is straight forward so I'd like to start the conversation with the patch set
18:16:49 <jdstrand> I see
18:16:51 <jdstrand> thanks
18:16:56 <jdstrand> sorry for the interruption
18:17:15 <tyhicks> jdstrand: There are a few existing examples of other features (such as GSSAPI) that get flicked on and off at build time. I followed them.
18:17:44 <tyhicks> I have an eCryptfs pull request that I need to prepare and send to Linus. Shouldn't take long, just need to get to it.
18:17:52 <tyhicks> Then my focus will be on updates
18:17:58 <tyhicks> That's it for me
18:18:22 <tyhicks> jjohansen: you're up
18:18:28 <jjohansen> well I have some dbus patch fixes to finish up so sbeattie can finish getting a ppa together.
18:19:07 <jjohansen> Hopefully I'll get some patch review feedback this week that I can roll in to the current patchset, and I have the locking update to finish off
18:20:23 <jjohansen> oh and I suppose it will be back to the stacking work after that
18:20:31 <jjohansen> jdstrand: back to you
18:21:00 <sbeattie> jjohansen: yeah, sorry, I'm trying to get to reviewing those patches as well.
18:21:17 <jdstrand> [TOPIC] Highlighted packages
18:21:23 <jjohansen> sbeattie: heh I know :)
18:21:26 <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
18:21:30 <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
18:21:40 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/bcfg2.html
18:21:43 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/ax25-tools.html
18:21:46 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/mysql-gui-tools.html
18:21:50 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/libpar-perl.html
18:21:54 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/gksu-polkit.html
18:22:06 <jdstrand> [TOPIC] Miscellaneous and Questions
18:22:12 <jdstrand> There are a lot of merge opportunities for packages listed in http://people.canonical.com/~ubuntu-security/d2u/. Performing these updates is a great way to help Ubuntu and bolster your developer application.
18:25:27 <jdstrand> mdeslaur, sbeattie, micahg, tyhicks, jjohansen: thanks!
18:25:30 <jdstrand> #endmeeting