16:36 <jdstrand> #startmeeting
16:36 <meetingology> Meeting started Mon Aug  5 16:36:34 2013 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:36 <meetingology> 
16:36 <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired
16:36 <jdstrand> The meeting agenda can be found at:
16:36 <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:36 <jdstrand> [TOPIC] Announcements
16:36 <jdstrand> Benjamin Drung (bdrung) provided updates for precise-raring for vlc (LP: 1186780) Your work is very much appreciated and will keep Ubuntu users secure. Great job! :)
16:36 <ubottu> Launchpad bug 1186780 in vlc (Ubuntu Raring) "Please update VLC (for security issues)" [Undecided,Fix released] https://launchpad.net/bugs/1186780
16:37 <jdstrand> [TOPIC] Weekly stand-up report
16:37 <jdstrand> I'll go first
16:37 <jdstrand> I'm on community this week
16:37 <jdstrand> I have some embargoed updates
16:38 <jdstrand> patch piloting for august
16:38 <jdstrand> and various audits
16:38 <jdstrand> tyhicks: you're up
16:39 <tyhicks> I'll have a little sync up with jj, when he returns, and then I'll upload apparmor and dbus with DBus mediation support
16:39 <tyhicks> there's one known bug in dbus mediation and eavesdropping
16:39 <tyhicks> I'll fix that this week
16:39 <tyhicks> (but it isn't a blocker for uploading)
16:40 <tyhicks> I'll focus on my content hub work items this week
16:40 <tyhicks> I think that's it
16:40 <tyhicks> sarnold: you're up
16:41 <sarnold> I'm in the happy place this week, so it'll be more MIR audits and apparmor patch reviews (thanks tyhicks :)
16:41 <tyhicks> Oh yeah, I think there's a couple remaining (small) patches that need to be forwarded to the list
16:41 <tyhicks> I'll dig those out
16:42 <sarnold> I'm also likely to spend more time on the dnsmasq-resolvconf-confetti bomb, that hting makes such a mess over all my VMs.
16:43 <sarnold> currently, hard-coded IPs in /etc/hosts are mostly serving, but after the -27 kernel ate some of my VM images, I had to bring up some of the VMs again multiple times to get different IPs for them. what a pain.
16:43 <jdstrand> sarnold: I think some of that may be a one time sorta thing
16:43 <sarnold> jdstrand: yeah, I'm hopeful to keep it that way. :)
16:44 <sarnold> I think that's me, chrisccoulson, your turn :)
16:44 <chrisccoulson> hi
16:44 <jdstrand> sarnold: eg, maybe just start over-- clean our /etc/hosts of the static ones, then start each vm, one at a time, and ssh-keygen -R as needed until at the end you have all of them with new ip addresses
16:44 <jdstrand> sarnold: we can talk more elasewhere if you want
16:44 <jdstrand> s/elasewhere/elsewhere/
16:44 <chrisccoulson> so, this week is going to be a fun week. it's firefox and thunderbird release day tomorrow, so i'm currently working on that
16:44 <sarnold> \o/
16:45 <chrisccoulson> i've also been working on adding greasemonkey style user script support to oxide, which i plan to use for the unit tests (and which will probably form the basis of webapps)
16:45 <jdstrand> chrisccoulson: was there anything for them coming out of blackhat/defcon?
16:45 <chrisccoulson> jdstrand, not that i'm aware of
16:45 <jdstrand> good for them :)
16:46 <chrisccoulson> i shall get chromium out this week as well
16:47 <chrisccoulson> and i've got a meeting about the UA string for the mobile browser
16:47 <chrisccoulson> i think that's me done
16:47 <sarnold> jdstrand: the only thing I saw come out of blackhat for the browsers was "hey javascript lets you do a lot of amazing things, and advertising networks make it easy to rent time in a few million browsers..."
16:48 <jdstrand> chrisccoulson: there may be some more oxide discussions too-- I plan on poking at the thread
16:48 <jdstrand> sarnold: neat. I look forward to hearing from mdeslaur and sbeattie when they get back :)
16:48 <sarnold> jdstrand: me too :)
16:48 <jdstrand> [TOPIC] Highlighted packages
16:49 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/batmand.html
16:49 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/aria2.html
16:49 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/unbound.html
16:49 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/squidclamav.html
16:49 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/policycoreutils.html
16:49 <jdstrand> The highlighted packages for this week are ^
16:49 <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/Securi
16:49 <jdstrand> [TOPIC] Miscellaneous and Questions
16:49 <jdstrand> Does anyone have any other questions or items to discuss?
16:55 <jdstrand> tyhicks, sarnold, chrisccoulson: thanks!
16:55 <jdstrand> #endmeeting