#title #ubuntu-meeting Meeting Meeting started by jdstrand at 18:00:31 UTC. The full logs are available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2013/ubuntu-meeting.2013-01-28-18.00.log.html . == Meeting summary == ''LINK:'' https://wiki.ubuntu.com/SecurityTeam/Meeting (jdstrand, 18:00:45) *Announcements *Weekly stand-up report *Highlighted packages ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/mathopd.html (jdstrand, 18:16:11) ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/elinks.html (jdstrand, 18:16:13) ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/openarena.html (jdstrand, 18:16:16) ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/libsmi.html (jdstrand, 18:16:19) ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/geshi.html (jdstrand, 18:16:24) *Miscellaneous and Questions Meeting ended at 18:23:39 UTC. == Votes == == Action items == * (none) == People present (lines said) == * jdstrand (31) * mdeslaur (12) * sarnold (6) * tyhicks (5) * meetingology (3) * jjohansen (3) * ubottu (2) * sbeattie (2) == Full Log == 18:00:31 #startmeeting 18:00:31 Meeting started Mon Jan 28 18:00:31 2013 UTC. The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 18:00:31 18:00:31 Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired 18:00:38 nice to start on time today :) 18:00:43 The meeting agenda can be found at: 18:00:45 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 18:00:52 [TOPIC] Announcements 18:01:16 Christian Kuersteiner (ckuerste) provided debdiffs for lucid-oneiric for xymon (LP: #1092412) 18:01:18 Launchpad bug 1092412 in xymon (Ubuntu Precise) "Xymon Multiple XSS" [Undecided,Fix released] https://launchpad.net/bugs/1092412 18:01:20 Christian Kuersteiner (ckuerste) provided debdiffs for quantal for ruby-actionpack-3.2 (LP: #1100188) 18:01:22 Launchpad bug 1100188 in rails (Ubuntu Lucid) " Unsafe Query Generation Risk in Ruby on Rails" [Undecided,Triaged] https://launchpad.net/bugs/1100188 18:01:24 Christian Kuersteiner (ckuerste) provided debdiffs for quantal for ruby-activerecord-3.2 (LP: #1100188) 18:02:15 thanks to ckuerste for his help on security updates for these community supported packages. Your work is very much appreciated and will keep Ubuntu users secure. Great job! :) 18:02:20 [TOPIC] Weekly stand-up report 18:02:24 I'll go first 18:03:20 last week I was community and I patch piloted 18:03:36 this week I've got a chromium-browser upload to sponsor/test 18:03:42 and two embargoed issues 18:04:02 I'd like to take another look at our blueprints as well 18:04:15 I plan to finish a couple of outstanding audits as well 18:04:21 mdeslaur: you're up 18:04:33 I just published a couple of USNs 18:04:42 and I have something embargoed to look at 18:04:51 and then will continue going down the CVE list 18:04:58 I'm on triage this week too 18:05:03 that's it, sbeattie you're up 18:05:41 I'm still focused on apparmor this week, specifically the display manager mediation prototype. 18:06:09 that's prettymuch it for me. tyhicks? 18:06:28 I'm working on an embargoed item 18:07:03 I also need to upload new dbus and linux packages to the dbus-dev PPA for some patches that'll allow dbus to detect if apparmor supports dbus rules 18:07:16 Then I'll (re)start work on the AppArmor kernel policy interface workitem 18:07:23 That's it for me 18:07:27 jjohansen: you'r eup 18:09:59 * jjohansen is working on the apparmor label and stacking code again, and we should see a new patchset this week. Currently I am chasing down a refcounting bug that is causing oopses 18:10:40 after the new patchset gets pushed, /me will be moving on to env var filtering 18:10:46 \o/ 18:10:54 \o/ 18:11:11 sarnold: I think your up next 18:11:59 the dnsmasq patchset just kept growing, I handed off a braindump and four debdiffs to mdeslaur last week, it's a bit annoying to feel defeated by an update, but it's nice to look forward to something more approachable this week :) 18:12:19 sarnold: hehe, don't worry about that :) 18:12:20 this week I'm working on an update for squid and reviewing jjohansen's patches 18:12:30 I'm also on community :) 18:12:49 jdstrand: your turn :) 18:12:51 sarnold: cool. Squid is your priority this week. 18:13:01 mdeslaur: thanks 18:13:46 sarnold: I'd like to see squid published on thursday 18:13:57 sarnold: and if you still need testing, it can get pushed back to monday 18:14:02 sarnold: is that reasonable? 18:14:10 mdeslaur: I think so 18:14:16 sarnold: cool, thanks 18:15:43 [TOPIC] Highlighted packages 18:15:52 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 18:15:57 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 18:16:11 http://people.canonical.com/~ubuntu-security/cve/pkg/mathopd.html 18:16:13 http://people.canonical.com/~ubuntu-security/cve/pkg/elinks.html 18:16:16 http://people.canonical.com/~ubuntu-security/cve/pkg/openarena.html 18:16:19 http://people.canonical.com/~ubuntu-security/cve/pkg/libsmi.html 18:16:24 http://people.canonical.com/~ubuntu-security/cve/pkg/geshi.html 18:16:53 Also, there are a lot of merge opportunities for packages listed in http://people.canonical.com/~ubuntu-security/d2u/. Performing these updates is a great way to help Ubuntu and bolster your developer application. 18:17:00 [TOPIC] Miscellaneous and Questions 18:17:05 Does anyone have any other questions or items to discuss? 18:23:37 mdeslaur, sbeattie, tyhicks, jjohansen, sarnold: thanks! 18:23:39 #endmeeting Generated by MeetBot 0.1.5 (http://wiki.ubuntu.com/meetingology)