17:08 <jdstrand> #startmeeting
17:08 <meetingology> Meeting started Mon Sep 16 17:08:07 2013 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
17:08 <meetingology> 
17:08 <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired
17:08 <jdstrand> The meeting agenda can be found at:
17:08 <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
17:08 <jdstrand> [TOPIC] Weekly stand-up report
17:08 <jdstrand> I'll go first
17:08 <jdstrand> I'm on triage this week
17:09 <jdstrand> I've got planning to do related to getting something together 14.04 and until release, but for the most part, stuff that is hitting saucy is not feature work at this point
17:09 <jdstrand> so I've put that on the backburner for the moment
17:10 <jdstrand> (ie, we are finishing up things we've started and fixing bugs in 13.10-- but I know we are already starting some 14.04 stuff, which is fine)
17:10 <jdstrand> (and by 14.04, I mean 13.10 stuff that was postponed :)
17:10 <jdstrand> ok
17:11 <jdstrand> I've been working a lot on trying to get all our policy in order
17:11 <sbeattie> jdstrand: thanks for that
17:11 <jdstrand> and its coming along, but has been difficult in spots because the APIs haven't all landed in their full form yet
17:11 <jdstrand> sbeattie: np
17:11 <jdstrand> sbeattie: thanks for being flexible in what you're working on :)
17:12 <sbeattie> heh, sure.
17:12 <jdstrand> I'm also following up with various teams to get bugs fixed and policy workarounds removed
17:12 <jdstrand> (eg, all the bugs surrounding non-app-specific paths)
17:13 <jdstrand> also working with appstore reviews and how to automate them where we can
17:13 <jdstrand> and discussing webapps confinement a bit
17:13 <jdstrand> all that will continue this week and I hope to check of related work items
17:14 <jdstrand> I also have MIR reviews that I am working on
17:14 <jdstrand> and will pick up an update if I can
17:14 <jdstrand> I think that's it for me
17:14 <jdstrand> mdeslaur: you're up
17:14 <mdeslaur> I'm on community this week
17:14 <mdeslaur> and am working on a bunch of embargoed issues
17:14 <mdeslaur> hopefully they'll all get published this week
17:14 <mdeslaur> that's it from me
17:15 <mdeslaur> sbeattie: you're up
17:15 <sbeattie> I'm on apparmor this week
17:15 <sbeattie> I'm again working on testing stuff, particularly IPC, in support of the development work jjohansen is doing.
17:16 <sbeattie> I've also been picking up other odds and ends on the apparmor front
17:16 <sbeattie> Oh, I'm trying to fix the daily build ppa breakage (my fault, mostly)
17:16 <sbeattie> that's pretty much it for me. tyhicks?
17:16 <tyhicks> I'm working on an embargoed issue
17:17 <tyhicks> I need to help jjohansen prep for the AppArmor sessions at LSS (Linux Security Summit)
17:17 <tyhicks> I'll be attending Plumbers (and probably some of LSS) this week
17:17 <tyhicks> I also need to scrape through the apparmor list and get patches committed
17:17 <tyhicks> (mainly the C++ patches that have been acked)
17:18 <tyhicks> that's it for me
17:18 <tyhicks> jjohansen: you're up
17:19 <jjohansen> I am prepping for and attending Linux Security Summit (LSS) this week. We have 2 presentations and a status update around apparmor and the security work for ubuntu touch
17:21 <jdstrand> nice
17:21 <jjohansen> I will also try to get up a test kernel for some of the ipc and stacking but that will depend on how the prep goes
17:22 <jjohansen> that's it for me sarnold your up
17:23 <sarnold> I'm in my happy place this week; this week and next week are short weeks, friday and monday off. I'm doing mostly MIR audits, only Mir, unity-system-compositor, gunicorn, and open-vm-tools remain :) but only two, maybe three, likely this week.
17:24 <sarnold> sorry I've been neglecting the apparmor patches, if there's anything that's not yet received a review from someone else, you guys can ping me on it specific and I'll give it a look
17:24 <sarnold> but "all 78 mails" would be a while :) hehe
17:25 <sarnold> chrisccoulson: your turn
17:25 <chrisccoulson> i had a short week last week, and it feels like it's been ages since my last meeting ;)
17:25 * jjohansen notes to do a push just for sarnold
17:26 <chrisccoulson> i got flash updated last week. this week, it's firefox and thunderbird (and a big one for thunderbird, 17 -> 24)
17:26 <jdstrand> chrisccoulson: welcome! :)
17:26 <chrisccoulson> hi :)
17:26 <chrisccoulson> i worked on automated testing for oxide. will hopefully finish that this week
17:27 <chrisccoulson> i think that's me done
17:27 <jdstrand> chrisccoulson: sorry if I'm dense-- you've been working on and planning to work on oxide automated testing/
17:27 <jdstrand> ?
17:28 * jdstrand couldn't fully parse chrisccoulson's stand-up
17:29 <chrisccoulson> jdstrand, i've been working on adding automated tests since last week
17:30 <jdstrand> chrisccoulson: ok, for some reason that is not listed on https://blueprints.launchpad.net/ubuntu/+spec/client-1308-oxide. can you add a work item for that and mark it INPROGRESS?
17:32 <chrisccoulson> jdstrand, ah, sure. in future, all features will come with tests. the work i'm doing now is adding tests retrospectively, as it depended on adding support for exchanging messages with content scripts, which was quite a bit of work :)
17:32 <jdstrand> yeah, I bet
17:32 <jdstrand> chrisccoulson: cool, thanks for that :)
17:32 <jdstrand> [TOPIC] Highlighted packages
17:32 <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
17:32 <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
17:33 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/xymon.html
17:33 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/libsdp.html
17:33 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/kronolith2.html
17:33 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/citadel.html
17:33 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/xml-light.html
17:33 <jdstrand> [TOPIC] Miscellaneous and Questions
17:34 <jdstrand> mdeslaur: so, the only thing I was going to ask about was seeing if sarnold could help out with updates, but with his short week and the number of audits, that seems like 'no'
17:34 <mdeslaur> jdstrand: yeah, that's fine...the mirs are more pressing for now
17:35 <jdstrand> well, soon there will be help
17:35 <jdstrand> it is hard to beleive that 13.10 will be released in like 5 weeks
17:35 <jdstrand> mdeslaur, sbeattie, tyhicks, jjohansen, sarnold, ChrisCoulson: thanks
17:35 <jdstrand> #endmeeting