== Meeting information == * #ubuntu-meeting Meeting, 01 Jul at 16:31 — 17:05 UTC * Full logs at [[http://ubottu.com/meetingology/logs/ubuntu-meeting/2013/ubuntu-meeting.2013-07-01-16.31.log.html]] == Meeting summary == ''LINK:'' https://wiki.ubuntu.com/SecurityTeam/Meeting === Announcements === The discussion about "Announcements" started at 16:32. === Weekly stand-up report === The discussion about "Weekly stand-up report" started at 16:32. === Highlighted packages === The discussion about "Highlighted packages" started at 16:56. * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/srtp.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/latd.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/ldns.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/rocksndiamonds.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/kolabd.html === Miscellaneous and Questions === The discussion about "Miscellaneous and Questions" started at 16:57. == Vote results == == Action items == * (none) == People present (lines said) == * jdstrand (41) * sbeattie (12) * jjohansen (12) * sarnold (9) * chrisccoulson (9) * tyhicks (9) * meetingology (3) * ubottu (1) == Full Log == 16:31 #startmeeting 16:31 Meeting started Mon Jul 1 16:31:12 2013 UTC. The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:31 16:31 Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired 16:31 The meeting agenda can be found at: 16:31 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:32 [TOPIC] Announcements 16:32 Stefan Bader (smb) provided debdiffs for precise-saucy for xen. Your work is very much appreciated and will keep Ubuntu users secure. Thanks! :) 16:32 [TOPIC] Weekly stand-up report 16:32 I'll go first 16:33 I'm in the happy place this week, though I didn't really get to community last week 16:33 sarnold, can you hold off on community duties this week? 16:33 sarnold: feel free to respond to #ubuntu-hardened, but just not the current backlog. I'll get to it 16:33 worked a lot on the SDK last week. Need to upload the latest patchset to saucy, upstream the patchset and file a few bugs with the SDK team and coordinate with them before I handoff to sbeattie 16:34 I also need to coordinate with the team the work for this month 16:34 (ie, send the email) 16:34 I am working on lcms2 and openjdk-7 updates 16:34 and am patch piloting this week 16:35 jdstrand: did you upload the sdk patch set to the dbus-dev ppa? 16:35 sbeattie: a variation of it. I need to upload there too. basically, I did several uploads-- the ppa got an early one, then saucy got the others. I have one more for both 16:36 okay 16:36 sbeattie: mdes laur is off today. you're up 16:37 I'm focused on apparmor development again this week. 16:38 I'm sweeping through my email after having been on holiday for two weeks 16:38 I need to review what jdstrand did with the sdk patches and see what's next to work on there. 16:39 I also need to look at and respond to the ipc email jjohansen sent to the apparmor list 16:39 * jjohansen feels sorry for sbeattie 16:39 That's all I can remember at the moment, I'm sure there's other things I need to do. 16:39 tyhicks: tag. 16:39 sbeattie: I can tell you right off the most important thing this month is the click apparmor hook 16:39 cool 16:40 a demo will be help at the end of the month for the higher ups, so we kinda need that :) 16:40 I imagine it will be quite straightforward 16:40 s/help/held 16:41 okay 16:41 I'll be active in the AA IPC email thread to help drive the syntax discussions to completion 16:42 I'm going to look into enabling ARM package building support in dbus-dev so that I can easily "measure unpatched and patched dbus performance on phablet image" 16:42 (I need to follow up w/ jjohansen to check on the phablet kernel backport status first) 16:42 tyhicks: new kernels are in all 4 images, and saucy 16:42 I'll be ready to help out with any online accounts questions regarding libapparmor APIs 16:43 thanks jjohansen 16:43 and I'll be ready to pick up the content manager work once the cli-based content manager is ready 16:44 also, the kernel merge window is now open, so I'll need to prepare a pull request and I have a couple other minor eCryptfs tasks to catch up on 16:44 I think that's it 16:44 jjohansen: you're up 16:45 so I have to finish up walking sarnold through the 2.8 release this week 16:46 and I have a couple of kernel issues to hunt down that have surfaced in the maguro phablet kernel 16:46 and then I'll doing apparmor dev 16:47 oh and I suppose tormenting people with IPC syntax emails 16:47 I think that is it from me 16:47 sarnold: your up 16:47 jjohansen: now that I'm back, would it make more sense for me to walk sarnold through the release? 16:47 jjohansen: so, it is just maguro, not the others? 16:47 sbeattie: it might 16:48 I think it would be great if sbeattie could help jjohansen in that way 16:48 I'm on community this week; jdstrand has suggested he'll take over some of the duties from his week, but since I've already done one of the ruby-openid-ish updates from ckuerste, it'd be easy for me to take at least that one and make sure it looks a lot like the previous one... 16:48 jdstrand: yes they have only showed up in maguro. That doesn't mean they aren't in the others but ... 16:48 but I'll leave it up to you guys 16:49 jjohansen: that is interesting. quite a few people have mako and grouper fwiw 16:49 anyhoo, hopefully it will be easy to track down 16:49 I also have some openssl packages with the site-wide compression disable patch in -proposed that I would like to distribute far and wide, and USN 16:49 sarnold: feelf ree to take ruby-openid-ish 16:49 sarnold: I just didn't want to stick you with the stuff I didn't do 16:50 the tracking bug had less traffic than I hoped, but it was one guy saying the updated openssl let him pass his PCI-DSS audit for postfix, so hooray :) 16:50 jdstrand: cool, thanks 16:50 jdstrand: yeah its a bit of a pain, but I have reproduced with the x86 version of the 3.0 backport so its not a problem 16:50 otherwise I would have been bugging you for a device 16:51 I also had a few ACKs on outstanding patches on the apparmor mail list that I wanted to check into trunk and perhaps nominate for 2.8 before a 2.8.2 release 16:51 sarnold: note that cboltz merged one or two this morning. 16:52 and the AppArmor IPC mails will likely consume the rest of my week; bouncycastle testing is again a bottom-priority task 16:52 sbeattie: oh, cool :) 16:52 I think that's it for me, chrisccoulson, your turn 16:52 hi :) 16:52 so, last week was a fun week of updates (firefox, thunderbird and chromium) 16:53 i'm currently looking at a crash in chromium, and there's going to be an update to fix a webapp-related issue as well 16:53 (thank you :) 16:54 also, bug 1194841 (firefox), which i'll do another update for this week 16:54 bug 1194841 in firefox (Ubuntu Raring) "Firefox 22 uses stale manual proxy settings when configured to use system proxy settings, and system proxy settings are set to "None"" [High,Triaged] https://launchpad.net/bugs/1194841 16:54 that one is pretty annoying, especially as it was known upstream, but their release team rejected including it for 22.0 16:55 then after that, it's back on to oxide hacking again :) 16:55 (there aren't any other planned updates this week) 16:55 i think that's me done 16:55 chrisccoulson: we should have that cross-team oxide meeting soon 16:56 [TOPIC] Highlighted packages 16:56 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:56 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:56 http://people.canonical.com/~ubuntu-security/cve/pkg/srtp.html 16:56 jdstrand, yeah, i agree (sorry, just went to grab a glass of water) 16:56 http://people.canonical.com/~ubuntu-security/cve/pkg/latd.html 16:56 http://people.canonical.com/~ubuntu-security/cve/pkg/ldns.html 16:56 http://people.canonical.com/~ubuntu-security/cve/pkg/rocksndiamonds.html 16:56 http://people.canonical.com/~ubuntu-security/cve/pkg/kolabd.html 16:57 [TOPIC] Miscellaneous and Questions 16:57 Does anyone have any other questions or items to discuss? 17:05 sbeattie, tyhicks, jjohansen, sarnold, chrisccoulson: thanks! 17:05 #endmeeting Generated by MeetBot 0.1.5 (http://wiki.ubuntu.com/meetingology)