#title #ubuntu-meeting Meeting Meeting started by jdstrand at 18:04:29 UTC. The full logs are available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2012/ubuntu-meeting.2012-10-01-18.04.log.html . == Meeting summary == ''LINK:'' https://wiki.ubuntu.com/SecurityTeam/Meeting (jdstrand, 18:04:34) *Weekly stand-up report *Highlighted packages ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/smsclient.html (jdstrand, 18:17:26) ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/libyaml-libyaml-perl.html (jdstrand, 18:17:29) ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/libdbd-pg-perl.html (jdstrand, 18:17:32) ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/mcrypt.html (jdstrand, 18:17:35) ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/otrs2.html (jdstrand, 18:17:38) *Miscellaneous and Questions Meeting ended at 18:32:52 UTC. == Votes == == Action items == * (none) == People present (lines said) == * jdstrand (30) * mdeslaur (13) * jjohansen (12) * tyhicks (9) * sarnold (8) * sbeattie (5) * meetingology (3) * ubottu (1) == Full Log == 18:04:29 #startmeeting 18:04:29 Meeting started Mon Oct 1 18:04:29 2012 UTC. The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 18:04:29 18:04:29 Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired 18:04:34 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 18:04:40 [TOPIC] Weekly stand-up report 18:04:43 I'll go first 18:05:10 I'm in the happy place this week 18:05:36 I've been working on some lightdm apparmor fixes this morning for 12.10, and am almost done 18:05:45 I've got some pending updates that I am working on 18:05:59 that's it from me 18:06:03 mdeslaur: you're up 18:06:12 I just released software-properties updates 18:06:20 and I have qemu-kvm and devscripts updates to test 18:06:23 I'm on triage this week 18:06:38 and I'm on community too 18:06:49 wednesday, I have patch piloting 18:06:57 and after that, I'll pick something else to poke at 18:07:00 that's it for me 18:07:02 sbeattie: you're up 18:07:19 I'm finally finishing up glibc testing, that will go out later today 18:07:48 After that, I'm moving on to apparmor stuff 18:08:05 will pick up jjohansen's coredump testcase patch for quantal 18:08:31 that's pretty much it for me. 18:08:41 tyhicks: you're up (since micahg's off) 18:09:16 I have a libgssglue update to test and publish 18:09:34 I also need to attach a fix to the openssl bug I opened a couple weeks ago 18:09:40 It isn't getting any attention upstream 18:09:59 But there's two plausible, simple fixes for it 18:10:17 * tyhicks will be sure to have that ready by at least mdeslaur's patch piloting on wednesday 18:10:33 hrm :P 18:10:35 Then I'll be starting on apparmor stuff when I get the green light from jjohansen 18:10:39 mdeslaur: you're welcome ;) 18:10:50 jjohansen: that's it, you're up 18:10:52 heh 18:10:58 tyhicks: green light 18:11:04 oh, nice! :) 18:11:23 So I am dumping some docs, on tyhicks and sbeattie 18:11:37 and getting them moving on some apparmor items 18:12:17 I still have some fixing of the dbus parser patch so it works with 2.8 that I a plan to finish up today 18:12:34 I have a yama qrt failure to finish looking into 18:12:56 and more apparmor debugging 18:13:05 of the kernel. 18:13:33 I also need to push the current set of bug fixes upstream for 3.7 release window 18:14:37 sarnold: your up 18:15:04 oh and I guess this is a short week for me I am off friday 18:15:20 I think I've got my buildenvironment and testenvironment all built; this week we'll find what I missed and hopefully get around to fixing some packages. :) 18:15:31 I'm also going to be paying attention to the community role, woo. 18:15:37 jdstrand: you're up 18:17:09 [TOPIC] Highlighted packages 18:17:14 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 18:17:18 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 18:17:26 http://people.canonical.com/~ubuntu-security/cve/pkg/smsclient.html 18:17:29 http://people.canonical.com/~ubuntu-security/cve/pkg/libyaml-libyaml-perl.html 18:17:32 http://people.canonical.com/~ubuntu-security/cve/pkg/libdbd-pg-perl.html 18:17:35 http://people.canonical.com/~ubuntu-security/cve/pkg/mcrypt.html 18:17:38 http://people.canonical.com/~ubuntu-security/cve/pkg/otrs2.html 18:17:46 [TOPIC] Miscellaneous and Questions 18:17:55 There are a lot of merge opportunities for packages listed in http://people.canonical.com/~ubuntu-security/d2u/. Performing these updates is a great way to help Ubuntu and bolster your developer application. 18:18:22 mdeslaur (or possibly jjohansen): I see some 'high' kernel CVEs. what is the status of those? 18:18:57 jdstrand: oh, hrmm I haven't checked this morning yet 18:19:26 jjohansen: it's been at high for a while now 18:19:48 CVE-2012-3520 18:19:50 ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3520) 18:21:39 it's in the -proposed kernel, so should be out soon 18:21:42 jdstrand: ^ 18:21:53 jdstrand, mdeslaur: yep 18:22:32 mdeslaur: awesome, thanks 18:22:42 Does anyone have any other questions or items to discuss? 18:23:30 jdstrand: wrt the lightdm, one of our users was looking for a way to allow the guest profile to launch chromium-browser but not have the lightdm profile itself known about all the exceptions to its profile 18:24:08 jdstrand: this seemed like a reasonable idea to me, I've got a feeling that an #include may be useful for handling future cases similar to chromium-browser 18:24:36 s/itself known/itself know/ 18:25:15 sarnold: yeah-- I saw the bug. I am doing something similar 18:26:17 lightdm.d would be good, but I'd like to get upstream consensus on our .d directories. in the meantime, I have split out all of the lightdm rules into abstractions/lightdm. the guest and remote sessions can use that 18:26:17 jdstrand: cool :) (he wanted to pick up a bug he thought he could handle, but the nuances of named profile transitions are subtle enough that I think it makes sense for you to work on that one full-speed-ahead. But I did like his idea of isolating exceptions in their own pile of included files. 18:26:45 cause right now the freerdp and uccsconfigure profiles are profile copies 18:27:13 then I am adding a separate lightdm_chromium-browser abstraction that will itself include the lightdm abstraction 18:27:24 bug it will have the additional rules to get chromium running 18:27:57 aha, that sounds good. :) Thanks 18:28:00 so we achieve the same. if we need another special-cased profile, then we can add the lightdm.d dir 18:32:52 #endmeeting Generated by MeetBot 0.1.5 (http://wiki.ubuntu.com/meetingology)