16:31:52 #startmeeting 16:31:52 Meeting started Mon May 13 16:31:52 2013 UTC. The chair is jdstrand_. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:31:52 16:31:52 Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired 16:32:24 The meeting agenda can be found at: 16:32:25 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:32:29 [TOPIC] Announcements 16:32:37 Francois Trahan (francois-trahan) provided diffs for precise-raring for fwlogwatch (LP: #1178281) 16:32:39 Launchpad bug 1178281 in fwlogwatch (Ubuntu) "bad timestamp parsing" [Undecided,Fix released] https://launchpad.net/bugs/1178281 16:32:43 Your work is very much appreciated and will keep Ubuntu users secure. Great job! :) 16:32:59 [TOPIC] Weekly stand-up report 16:33:02 I'll go first 16:33:44 I'm on triage this week 16:33:53 I'll be participating in vUDS 16:34:08 I've still got some sprint followups to do 16:34:24 I've got a keystone update I'm going to try to push out 16:34:41 and I need to patch pilot (deferred from last week) 16:35:01 beyond that, I've got a short week this week (off friday) 16:35:18 I'm also off next monday, so if womeone could lead the meeting, that would be great :) 16:35:26 mdeslaur: you're up 16:35:35 jdstrand: I'll lead the meeting next week 16:35:39 mdeslaur: thanks 16:35:42 jdstrand: I'm on community this week 16:35:48 whoops :) 16:35:54 I'm on community this week 16:36:03 I'm currently working on tiff updates 16:36:43 and I have some code to get native apparmor and MAC support into upstart that I want to submit upstream 16:36:51 \o/ 16:36:54 nice :) 16:37:12 yes, it'll be awesome for confining apps in user mode 16:37:30 and after that, I'll continue going down the CVE list 16:37:44 and, of course, I will be attending uds 16:37:52 that's it from me, sbeattie, you're up 16:38:30 I'm again focused on apparmor related items this week, specifically focused on the security-s-appisolation-sdk blueprint 16:38:50 I'm currently working on getting easyprof to support json input 16:39:04 I'll also be attending uds this week 16:39:14 that's pretty much it for me... tyhicks? 16:39:38 I'm working on https://blueprints.launchpad.net/ubuntu/+spec/security-s-appisolation-dbus-performance 16:39:55 I gathered performance numbers late friday and over the weekend and I'm analyzing them now 16:40:33 I need to circle back around to the dbus policy language thread on the apparmor list and see if we can get a consensus on how the dbus rules should be structured and then make those changes 16:41:22 ah yeah, I need to focus some more time there as well. 16:41:23 also, I'd like to start fixing one of the known performance problems in how we're doing the AA access checks in dbus 16:41:35 (and then rerun the tests) 16:41:50 I'll be attending UDS as well 16:41:51 that's it for me 16:42:28 sarnold: I think you're up and then we can come back to jj 16:43:31 I'm in the happy place this week; I'll be spenidng most of my time reviewing jj's patches, but I'll probably dust off my auto* and m4 knowledge and fake python 3 porting knowledge and review someof the patches sent last week .. or two weeks back .. 16:44:04 * tyhicks still needs to send a few prereq patches for dbus support in apparmor 16:44:05 I'm also going to look at mdeslaur's upstart patches, though earlier versions looked pretty well baked, it feels like that ought to go quickly 16:44:12 actually, we missed chrisccoulson 16:44:23 and I'll be doing UDS :) 16:44:27 ah, sorry, sarnold is still going (sorry) 16:44:34 chrisccoulson: you're up, hand the baton to jj when he shows up :) 16:45:30 hi :) 16:46:04 so, i spent some time last week getting more familiar with chrome, following the discussions from the sprint 16:46:24 i've put that to one side now to handle the regular firefox and thunderbird updates 16:46:29 which are nearly done 16:46:36 (woot) 16:47:10 although, been hitting a hang frequently in raring. it turns out this is a glib bug, and i think explains some of the recent bug reports i've been getting (bug 1179554) 16:47:11 bug 1179554 in glib2.0 (Ubuntu) "Firefox hang on start because ibus calls g_object_new inside a class_init function" [High,Triaged] https://launchpad.net/bugs/1179554 16:48:01 also, the arm builds failed because some jit tests timed out. i reproduced the same failures on my pandaboard at the weekend, and verified that lengthening the timeout fixes it 16:48:16 also working on an embargoed update 16:48:31 i think that's me done 16:48:44 jjohansen, i think it's your turn now :) 16:48:52 hey 16:49:18 so I will be working on my apparmor bp work items 16:49:47 https://blueprints.launchpad.net/ubuntu/+spec/appdev-s-appisolation-signals-ipc-ptrace 16:50:22 I have some prep to do for tomorrows apparmor IRC meeting 16:51:25 and I need to finish finding/fixing a bug with the default profile, that made its way into the most recent devel kernels 16:52:11 I think that is it for /me 16:52:27 jdstrand: back to you 16:52:47 [TOPIC] Highlighted packages 16:52:50 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:52:54 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:52:59 http://people.canonical.com/~ubuntu-security/cve/pkg/tomboy.html 16:53:03 http://people.canonical.com/~ubuntu-security/cve/pkg/xmp.html 16:53:05 http://people.canonical.com/~ubuntu-security/cve/pkg/pwlib.html 16:53:08 http://people.canonical.com/~ubuntu-security/cve/pkg/gnome-shell.html 16:53:11 http://people.canonical.com/~ubuntu-security/cve/pkg/inetutils.html 16:53:20 [TOPIC] Miscellaneous and Questions 16:53:58 I had one for sbeattie: were you able to finish your easyprof templates? 16:54:19 jdstrand: not quite, still finishing those up as well 16:54:41 ok 16:54:49 Does anyone have any other questions or items to discuss? 16:55:45 I'm curious about our proposed favored ssl/tls bindings in our SDK.. do we have an API there that's better than OpenSSL's for application authors to use? 16:56:19 do we get some nice ones for free with Qt/QML? or are they just thin wrappers around the painful API? :) 16:56:33 sarnold: Qt has some, yes 16:56:54 QML is just presentation, so it doesn't have anything 16:57:23 well, it is more than just presentation 16:58:32 but what I meant is that to get to the Qt SSL bits you need to write C++, but we don't expect many apps to be written in that (but it is there if they need it) 16:58:53 hrm. 16:59:08 the webkit view should just handle that all transparently 16:59:36 sarnold: it might be worth asking the sdk team about. they are quite responsive 16:59:49 for webby things, perhaps, but apps will likely have structured data that they want private and authenticated... 16:59:58 jdstrand: aha, got a favored contact? 17:00:17 sarnold: I'd go to bzoltan 17:00:21 jdstrand: thanks :) 17:00:24 np 17:01:04 mdeslaur, sbeattie, tyhicks, jjohansen, sarnold, ChrisCoulson: thanks! 17:01:06 #endmeeting 17:01:10 thanks jdstrand :) 17:01:11 thanks jdstrand 17:01:12 jdstrand: thanks! 19:56:55 hello 20:01:01 oh, so mdz and cjwatson are out 20:01:19 o/ 20:01:58 kees, stgraber: ? 20:04:00 * stgraber waves 20:06:52 hm, so cjwatson was chair originally, and seems kees is out, too 20:06:59 so I guess I'm next in line 20:07:02 pitti: Error: Can't start another meeting, one is in progress. 20:07:07 oh 20:07:24 hm, who started this? 20:07:35 meetingology: help 20:07:35 pitti: (help [] []) -- This command gives a useful description of what does. is only necessary if the command is in more than one plugin. 20:07:45 #endmeeting