16:33 <jdstrand> #startmeeting
16:33 <meetingology> Meeting started Mon Dec  2 16:33:09 2013 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:33 <meetingology> 
16:33 <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired
16:33 <jdstrand> The meeting agenda can be found at:
16:33 <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:33 <jdstrand> [TOPIC] Weekly stand-up report
16:33 <jdstrand> I'll go first
16:33 <jdstrand> I'm on community this week
16:33 <jdstrand> I've got another short week (off friday)
16:33 <jdstrand> I need to catch up from last week-- I think I am not too bad at this point
16:34 <jdstrand> mdeslaur: thanks for picking up the triage while I was out
16:34 <mdeslaur> jdstrand: np!
16:34 <jdstrand> there are a couple of updates I am eyeing
16:34 <jdstrand> and a few work items
16:34 <jdstrand> (I hope to upload a new apparmor-easyprof-ubuntu this week and write some image tests for it)
16:35 <jdstrand> I've also got patch piloting
16:35 <jdstrand> mdeslaur: you're up
16:35 <mdeslaur> I'm in the happy place this week
16:35 <mdeslaur> I have a few updates ready, but I've found issues with them, so they probably won't go out this week
16:36 <mdeslaur> I'm currently still poking at getting rid of ruby1.8 from main for trusty
16:36 <mdeslaur> and I'm patch piloting on wednesday
16:36 <mdeslaur> I'll be picking up more CVE updates
16:36 <mdeslaur> that's it from me
16:36 <mdeslaur> sbeattie: you're up
16:36 <sbeattie> I'm on apparmor again this week.
16:36 <mdeslaur> Oh, and I'll spend time evaluating whether we can turn tlsv1.2 back on in openssl in trusty
16:37 <sbeattie> I'll again be working on testing improvements, both for IPC and other things...
16:37 <sbeattie> as well as some non-IPC related parser fixes.
16:37 <sbeattie> which is pretty much it for me.
16:37 <sbeattie> tyhicks: you're up
16:37 <jdstrand> sbeattie: how is that coming?
16:38 <sbeattie> slow going, but making progress.
16:38 <jdstrand> what kind of coverage do we have for jj's patches?
16:39 <jdstrand> rough estimate? what is the plan wrt those testing improvements and putting things in a ppa and in Ubuntu?
16:40 <jdstrand> s/rough estimate\?/(rough estimate)/
16:40 <jjohansen> jdstrand: good question I need to sit down and coordinate with sbeattie
16:40 <jjohansen> jdstrand: there will be a new test kernel this week
16:40 <jdstrand> ok
16:40 <jjohansen> however I wouldn't recommend it as something everyone install
16:41 * jjohansen checks to see if there is anymore hair to pull out
16:42 * tyhicks goes
16:42 <tyhicks> I'm catching up from last week
16:42 <tyhicks> I ended up spending a little more time than expected last monday debugging apparmor_parser so I didn't get much time to look into enabling yama on touch
16:42 <jdstrand> tyhicks: did you get to the bottom of the segfaults?
16:43 <tyhicks> I've done the investigation and now need to backport a simple patch that enables stacking yama with other lsms
16:43 <tyhicks> jdstrand: yes
16:43 <jdstrand> cool
16:43 <tyhicks> apparmor_parser doesn't really handle multiple rule types very well
16:43 <tyhicks> well, it handles multiple rule types as far as parsing them
16:43 <jdstrand> tyhicks: idr if we mentioned goldfish as part of the yama work, but can you include it?
16:43 <tyhicks> but doesn't track them very well internally
16:44 <tyhicks> it turns out that jj has some patches in the works that improves the situation
16:44 <tyhicks> jdstrand: definitely
16:44 <tyhicks> after that, I'll start benchmarking ecryptfs and dm-crypt on arm
16:44 <tyhicks> (for the user data encryption blueprint)
16:45 <tyhicks> that's it for me
16:45 <tyhicks> jjohansen: you're up
16:46 * jjohansen is working on apparmor this week, I'll be getting out the next test kernel, coordinating with sbeattie, and hopefully digging out some parser patches to coordinate with tyhicks on
16:48 <jjohansen> I think thats it for /me sarnold your up
16:50 <sarnold> I'm on triage this week, thanks mdeslaur for filling in last week :) I'm making a good dent in the backlog of unreviewed AppArmor patches, it'd be nice to finish reviewing all the previously outstanding patches, and there's a new MIR audit requested for bbswitch that I'd like to get to this week
16:51 <sarnold> I think that's it for me, chrisccoulson, you're up :)
16:51 <chrisccoulson> hi :)
16:52 <jdstrand> jjohansen: oh, btw, is the goldfish patch in the goldfish kernel?
16:52 <chrisccoulson> i'm finishing off bug 1214049 this week (hopefully by tomorrow or wed at the latest). i've started pushing bits to https://code.launchpad.net/~chrisccoulson/oxide/accelerated-rendering already
16:52 <ubottu> bug 1214049 in Oxide "Support accelerated compositing" [High,In progress] https://launchpad.net/bugs/1214049
16:52 <jjohansen> jdstrand: no not yet
16:52 * jdstrand nod
16:52 <jdstrand> s
16:52 <chrisccoulson> i got the packaging for oxide done last week, although it did fail to build in a PPA. i've fixed a few build issues as a result of that (see the last few commits in https://code.launchpad.net/~oxide-developers/oxide/oxide.trunk)
16:53 <jdstrand> chrisccoulson: what ppa are you using?
16:53 <chrisccoulson> and i reviewed oSoMoN's navigation API work last week (https://code.launchpad.net/~osomon/oxide/navigation-api/+merge/196704/), which will land shortly
16:54 <chrisccoulson> jdstrand, https://launchpad.net/~chrisccoulson/+archive/ppa for now. i didn't want to waste an arm builder until there was a successful build on i386/amd64
16:54 <chrisccoulson> as the round-trip time is quite long ;)
16:55 <chrisccoulson> i think that's me done
16:55 <jdstrand> ack
16:55 <jdstrand> chrisccoulson: istr you saying you had a particular ppa in mind for arm. which is that?
16:55 <chrisccoulson> jdstrand, i can probably use https://launchpad.net/~canonical-arm-dev/+archive/ppa
16:56 * jdstrand is 'Not allowed here'
16:56 <chrisccoulson> ah :)
16:56 <ogra_> jdstrand, want access ?
16:56 <chrisccoulson> it does exist :)
16:56 <jdstrand> chrisccoulson: I'm not sure what to suggest
16:57 <jdstrand> sure, I'll take the access, but would it be better to use a public ppa so everyone can get their hands on it to test?
16:57 <mdeslaur> can't we get a non-virtualized builder for oxide?
16:57 <mdeslaur> s/builder/ppa/
16:58 <jdstrand> I think we want daily builds for it too, but that is a slightly different topic
16:58 <jdstrand> (however, those would also ideally be public)
16:59 <chrisccoulson> who do we ask for a non-virtualized builder?
17:00 <jdstrand> I would start with infinity
17:00 <jdstrand> he may be the one to actually do the setup, but he might need some paperwork
17:01 <jdstrand> chrisccoulson: is that something you plan on working on this week?
17:01 <chrisccoulson> jdstrand, yeah, sure
17:01 <jdstrand> cool, let's move on
17:01 <jdstrand> chrisccoulson: did you have anything else?
17:02 <chrisccoulson> jdstrand, no, i'm done now
17:02 <jdstrand> [TOPIC] Highlighted packages
17:02 <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
17:02 <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
17:02 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/libphp-adodb.html
17:02 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/argyll.html
17:02 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/libapache2-mod-nss.html
17:02 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/libsocialweb.html
17:02 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/libspring-java.html
17:02 <jdstrand> TOPIC] Miscellaneous and Questions
17:03 <jdstrand> Does anyone have any other questions or items to discuss?
17:06 <jdstrand> mdeslaur, sbeattie, tyhicks, jjohansen, sarnold, ChrisCoulson: thanks!
17:06 <jdstrand> #endmeeting