16:31 <jdstrand> #startmeeting
16:31 <meetingology> Meeting started Mon Jul  1 16:31:12 2013 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:31 <meetingology> 
16:31 <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired
16:31 <jdstrand> The meeting agenda can be found at:
16:31 <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:32 <jdstrand> [TOPIC] Announcements
16:32 <jdstrand> Stefan Bader (smb) provided debdiffs for precise-saucy for xen. Your work is very much appreciated and will keep Ubuntu users secure. Thanks! :)
16:32 <jdstrand> [TOPIC] Weekly stand-up report
16:32 <jdstrand> I'll go first
16:33 <jdstrand> I'm in the happy place this week, though I didn't really get to community last week
16:33 <jdstrand> sarnold, can you hold off on community duties this week?
16:33 <jdstrand> sarnold: feel free to respond to #ubuntu-hardened, but just not the current backlog. I'll get to it
16:33 <jdstrand> worked a lot on the SDK last week. Need to upload the latest patchset to saucy, upstream the patchset and file a few bugs with the SDK team and coordinate with them before I handoff to sbeattie
16:34 <jdstrand> I also need to coordinate with the team the work for this month
16:34 <jdstrand> (ie, send the email)
16:34 <jdstrand> I am working on lcms2 and openjdk-7 updates
16:34 <jdstrand> and am patch piloting this week
16:35 <sbeattie> jdstrand: did you upload the sdk patch set to the dbus-dev ppa?
16:35 <jdstrand> sbeattie: a variation of it. I need to upload there too. basically, I did several uploads-- the ppa got an early one, then saucy got the others. I have one more for both
16:36 <sbeattie> okay
16:36 <jdstrand> sbeattie: mdes laur is off today. you're up
16:37 <sbeattie> I'm focused on apparmor development again this week.
16:38 <sbeattie> I'm sweeping through my email after having been on holiday for two weeks
16:38 <sbeattie> I need to review what jdstrand did with the sdk patches and see what's next to work on there.
16:39 <sbeattie> I also need to look at and respond to the ipc email jjohansen sent to the apparmor list
16:39 * jjohansen feels sorry for sbeattie
16:39 <sbeattie> That's all I can remember at the moment, I'm sure there's other things I need to do.
16:39 <sbeattie> tyhicks: tag.
16:39 <jdstrand> sbeattie: I can tell you right off the most important thing this month is the click apparmor hook
16:39 <sbeattie> cool
16:40 <jdstrand> a demo will be help at the end of the month for the higher ups, so we kinda need that :)
16:40 <jdstrand> I imagine it will be quite straightforward
16:40 <jdstrand> s/help/held
16:41 <sbeattie> okay
16:41 <tyhicks> I'll be active in the AA IPC email thread to help drive the syntax discussions to completion
16:42 <tyhicks> I'm going to look into enabling ARM package building support in dbus-dev so that I can easily "measure unpatched and patched dbus performance on phablet image"
16:42 <tyhicks> (I need to follow up w/ jjohansen to check on the phablet kernel backport status first)
16:42 <jjohansen> tyhicks: new kernels are in all 4 images, and saucy
16:42 <tyhicks> I'll be ready to help out with any online accounts questions regarding libapparmor APIs
16:43 <tyhicks> thanks jjohansen
16:43 <tyhicks> and I'll be ready to pick up the content manager work once the cli-based content manager is ready
16:44 <tyhicks> also, the kernel merge window is now open, so I'll need to prepare a pull request and I have a couple other minor eCryptfs tasks to catch up on
16:44 <tyhicks> I think that's it
16:44 <tyhicks> jjohansen: you're up
16:45 <jjohansen> so I have to finish up walking sarnold through the 2.8 release this week
16:46 <jjohansen> and I have a couple of kernel issues to hunt down that have surfaced in the maguro phablet kernel
16:46 <jjohansen> and then I'll doing apparmor dev
16:47 <jjohansen> oh and I suppose tormenting people with IPC syntax emails
16:47 <jjohansen> I think that is it from me
16:47 <jjohansen> sarnold: your up
16:47 <sbeattie> jjohansen: now that I'm back, would it make more sense for me to walk sarnold through the release?
16:47 <jdstrand> jjohansen: so, it is just maguro, not the others?
16:47 <jjohansen> sbeattie: it might
16:48 <jdstrand> I think it would be great if sbeattie could help jjohansen in that way
16:48 <sarnold> I'm on community this week; jdstrand has suggested he'll take over some of the duties from his week, but since I've already done one of the ruby-openid-ish updates from ckuerste, it'd be easy for me to take at least that one and make sure it looks a lot like the previous one...
16:48 <jjohansen> jdstrand: yes they have only showed up in maguro. That doesn't mean they aren't in the others but ...
16:48 <jdstrand> but I'll leave it up to you guys
16:49 <jdstrand> jjohansen: that is interesting. quite a few people have mako and grouper fwiw
16:49 <jdstrand> anyhoo, hopefully it will be easy to track down
16:49 <sarnold> I also have some openssl packages with the site-wide compression disable patch in -proposed that I would like to distribute far and wide, and USN
16:49 <jdstrand> sarnold: feelf ree to take ruby-openid-ish
16:49 <jdstrand> sarnold: I just didn't want to stick you with the stuff I didn't do
16:50 <sarnold> the tracking bug had less traffic than I hoped, but it was one guy saying the updated openssl let him pass his PCI-DSS audit for postfix, so hooray :)
16:50 <sarnold> jdstrand: cool, thanks
16:50 <jjohansen> jdstrand: yeah its a bit of a pain, but I have reproduced with the x86 version of the 3.0 backport so its not a problem
16:50 <jjohansen> otherwise I would have been bugging you for a device
16:51 <sarnold> I also had a few ACKs on outstanding patches on the apparmor mail list that I wanted to check into trunk and perhaps nominate for 2.8 before a 2.8.2 release
16:51 <sbeattie> sarnold: note that cboltz merged one or two this morning.
16:52 <sarnold> and the AppArmor IPC mails will likely consume the rest of my week; bouncycastle testing is again a bottom-priority task
16:52 <sarnold> sbeattie: oh, cool :)
16:52 <sarnold> I think that's it for me, chrisccoulson, your turn
16:52 <chrisccoulson> hi :)
16:52 <chrisccoulson> so, last week was a fun week of updates (firefox, thunderbird and chromium)
16:53 <chrisccoulson> i'm currently looking at a crash in chromium, and there's going to be an update to fix a webapp-related issue as well
16:53 <sarnold> (thank you :)
16:54 <chrisccoulson> also, bug 1194841 (firefox), which i'll do another update for this week
16:54 <ubottu> bug 1194841 in firefox (Ubuntu Raring) "Firefox 22 uses stale manual proxy settings when configured to use system proxy settings, and system proxy settings are set to "None"" [High,Triaged] https://launchpad.net/bugs/1194841
16:54 <chrisccoulson> that one is pretty annoying, especially as it was known upstream, but their release team rejected including it for 22.0
16:55 <chrisccoulson> then after that, it's back on to oxide hacking again :)
16:55 <chrisccoulson> (there aren't any other planned updates this week)
16:55 <chrisccoulson> i think that's me done
16:55 <jdstrand> chrisccoulson: we should have that cross-team oxide meeting soon
16:56 <jdstrand> [TOPIC] Highlighted packages
16:56 <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
16:56 <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:56 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/srtp.html
16:56 <chrisccoulson> jdstrand, yeah, i agree (sorry, just went to grab a glass of water)
16:56 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/latd.html
16:56 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/ldns.html
16:56 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/rocksndiamonds.html
16:56 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/kolabd.html
16:57 <jdstrand> [TOPIC] Miscellaneous and Questions
16:57 <jdstrand> Does anyone have any other questions or items to discuss?
17:05 <jdstrand> sbeattie, tyhicks, jjohansen, sarnold, chrisccoulson: thanks!
17:05 <jdstrand> #endmeeting