18:17:19 <jdstrand> #startmeeting
18:17:19 <meetingology> Meeting started Mon Mar 11 18:17:19 2013 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
18:17:19 <meetingology> 
18:17:19 <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired
18:17:22 <jdstrand> The meeting agenda can be found at:
18:17:23 <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
18:17:27 <jdstrand> [TOPIC] Announcements
18:17:43 <jdstrand> UDS was last week. We should now have our blueprints in order with what we want to work on for March all in place. Thanks for all your hard work on this!
18:17:56 <jdstrand> Thanks to Luke Faraone (lfaraone) who provided debdiffs for lucid for openafs (LP: #1145560). Your work is very much appreciated and will keep Ubuntu users secure. Great job!
18:17:59 <ubottu> Launchpad bug 1145560 in openafs (Ubuntu Quantal) "OpenAFS Security Advisories 2013-001 and 2013-002" [High,In progress] https://launchpad.net/bugs/1145560
18:18:09 <jdstrand> [TOPIC] Weekly stand-up report
18:18:13 <jdstrand> I'll go first
18:18:30 <jdstrand> this is a short week for me-- I'll be off friday
18:18:38 <jdstrand> I'm in the happy place
18:18:59 <jdstrand> I'm working on chromium-browser and thunderbird testing
18:19:09 <jdstrand> I've also got 2 embargoed items
18:19:26 <ScottK> jdstrand: BTW, the openafs SRU is released now, so there's no concern about what the security update should be based on.
18:19:32 <jdstrand> and patch piloting (should be finished soon)
18:19:41 <jdstrand> ScottK: ack, thanks :)
18:20:34 <jdstrand> sarnold is on community this week, so I'll pass that along
18:20:39 <jdstrand> mdeslaur: you're up
18:20:49 <mdeslaur> I'm on triage this week
18:21:17 <mdeslaur> the nist website is down at the moment, so I can't pull fresh CVE info....I'll try again tomorrow and will work around it if their problem persists
18:21:31 <mdeslaur> I'm working on php5 and apache2 updates
18:21:38 <mdeslaur> I also have an embargoed issue i'm working on
18:21:53 <mdeslaur> that's it for me
18:21:55 <mdeslaur> sbeattie: you're up
18:22:14 <sbeattie> I'm dedicated again to apparmor stuff this week.
18:23:03 <sbeattie> I'll be continuing the work on the display manager prototype, and the work items related to that.
18:23:15 <sbeattie> And that's pretty much it for me.
18:23:19 <sbeattie> tyhicks: you're up.
18:23:25 <tyhicks> I'll be working on the following work items:
18:23:35 <tyhicks> [tyhicks] library label permission query api (high) (2): INPROGRESS
18:23:35 <tyhicks> [tyhicks] dbus daemon, use library label permission query api (high) (1): TODO
18:23:38 <tyhicks> [tyhicks] dbus daemon, use aa_getpeercon - dbus (high) (1): TODO
18:24:09 <tyhicks> I'll also need to tend to some eCryptfs maintenance work
18:24:37 <tyhicks> There's renewed interest in an old patch that improves performance on newer hardware (mainly with SSDs and AES-NI support)
18:24:57 <tyhicks> cking has nicely done some indepth benchmarking and I'll need to give the patch one more review
18:25:01 <tyhicks> That's it for me
18:25:05 <tyhicks> jjohansen: you're up
18:26:29 <jjohansen> so I am working on apparmor as well this week
18:26:29 <jjohansen> I have some more work on socket labeling and also on fixing stacking issues when the stack is split across a namespace
18:27:03 <jjohansen> and I will probably drop another present or 10 for sarnold to look at
18:27:13 <jjohansen> thats it, sarnold your up
18:28:06 <sarnold> I'm starting this week with the logind MIR; pitti decided to ask for a review of a newer package over the weekend rather than the version in raring, so I'll wind up taking longer than usual for this MIR as I'm duplicating some work already done...
18:28:50 <sarnold> after the MIR is done I'm liable to work on objectives this week, perhaps finally giving juju the time it deserves :)
18:29:13 <sarnold> I also understand jjohansen has a present for me! Woot. :)
18:29:17 <sarnold> jdstrand: back to you
18:30:17 <jdstrand> sarnold: from earlier in the meeting-- since you're on community, if the updated openafs debdiffs come in this week, apparently the version in -proposed has been accepted into updates (you'll see discussion of that in the bug)
18:30:58 <sarnold> jdstrand: thanks for the heads-up :)
18:31:06 <jdstrand> mp
18:31:08 <jdstrand> np even
18:31:10 <jdstrand> [TOPIC] Highlighted packages
18:31:15 <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
18:31:20 <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
18:31:35 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/libjboss-cache2-java.html
18:31:39 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/tinyproxy.html
18:31:43 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/ruby-parser.html
18:31:47 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/pyfribidi.html
18:31:51 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/isync.html
18:32:02 <jdstrand> [TOPIC] Miscellaneous and Questions
18:32:09 <jdstrand> Does anyone have any other questions or items to discuss?
18:38:13 <jdstrand> mdeslaur, sbeattie, tyhicks, jjohansen, sarnold: thanks!
18:38:13 <jdstrand> #endmeeting