16:46 <jdstrand> #startmeeting
16:46 <meetingology> Meeting started Mon Dec 16 16:46:00 2013 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:46 <meetingology> 
16:46 <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired
16:46 <jdstrand> The meeting agenda can be found at:
16:46 <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:46 <jdstrand> [TOPIC] Announcements
16:46 <jdstrand> Due to the EOY leave, the next security team meeting will be 2014/01/06
16:47 <jdstrand> [TOPIC] Weekly stand-up report
16:47 <jdstrand> I'll go first
16:47 <jdstrand> I'm on triage this week
16:47 <jdstrand> I'll be here all week this week!
16:47 <jdstrand> (try the veal)
16:47 <mdeslaur> \o/
16:47 <jdstrand> but, I'm off the next two weeks
16:48 <mdeslaur> slacker
16:48 <mdeslaur> :)
16:48 <jdstrand> hehe
16:48 <jdstrand> I've got some pending updates
16:48 <jdstrand> and a few work items around apparmor-easyprof-ubuntu that I am working on
16:49 <jdstrand> I dug into oxide testing last week and started developing policy for apparmor policy version 1.1 for it
16:49 <jdstrand> chris is off til the end of the year, so I'll mention that the packaging is all together for it, and it builds for all archs
16:50 <mdeslaur> oh, that's awesome :)
16:50 <jdstrand> it fails at runtime on armhf which we think is due to a compile-time option surrounding neon
16:50 <jdstrand> the navigation api is reviewed and I think will be committed soon
16:51 <jdstrand> so it is really coming along. I've got a todo this week to communicate this to other stakeholders (and an oxide meeting too)
16:51 <jdstrand> I think that's it for me
16:51 <jdstrand> mdeslaur: you're up
16:51 <mdeslaur> I'm on community this week
16:51 <mdeslaur> I have a couple of updates pending, I'm in the final stages of testing
16:52 <mdeslaur> and I'll continue going down the list, as usual.
16:52 <mdeslaur> that's about it from me
16:52 <mdeslaur> hrm, sbeattie isn't here
16:52 <mdeslaur> tyhicks: you're up
16:52 <tyhicks> I've got some carry over from last week
16:53 <tyhicks> I got hung up for a little too long on an issue where the emulator fails the executable stack test of test-kernel-security.py
16:53 <tyhicks> I spent quite a bit of time on it and I've convinced myself that it is an emulator bug because everything works fine on maguro
16:54 <jjohansen1> ickky
16:54 <jdstrand> tyhicks: interesting-- can you file it if you haven't already? it would be good to get the emulator fixed so that other teams don't get tripped up
16:54 <tyhicks> I've built final goldfish, manta, and mako kernels and need to do some quick testing and then send off the patches
16:54 <tyhicks> jdstrand: sure, that's a good idea
16:54 <jdstrand> tyhicks: oh, maguro, interesting-- do we have access to that device on the team?
16:55 <jjohansen1> jdstrand: ? I've got one
16:55 <tyhicks> oh no
16:55 <tyhicks> I was wrong about the code name
16:55 <tyhicks> I meant grouper
16:55 <jdstrand> jjohansen1: ah right, you have nearly everything :)
16:55 <jdstrand> ok
16:55 * tyhicks has another shot of coffee
16:55 <jdstrand> heh
16:56 <tyhicks> after that, I'll be on user data encryption
16:56 <jjohansen1> jdstrand: no no, please forget I ever mentioned uh, never mind ;)
16:56 <tyhicks> well, there is one problem
16:56 <tyhicks> I can't test the manta and mako kernels
16:57 <tyhicks> but I also don't want to bog down jj
16:57 <tyhicks> I think testing in the emulator is sufficient, though
16:57 <jdstrand> I have a mako. chris has a manta
16:57 <jdstrand> (though chris is off this week)
16:57 <jdstrand> tyhicks: if you need me, holler
16:57 <tyhicks> all mako and manta get are some backported yama patches since their kernel configs were already hardened correctly
16:57 <tyhicks> ok
16:57 <tyhicks> I'll think about it some more
16:57 <tyhicks> that's it for me
16:57 <tyhicks> jjohansen1: you're up
16:59 <jjohansen1> I'm working on apparmor again this week, I've got some testing work to coordinate with sbeattie around dfa and permission changes, and yes ipc work.
17:00 <jjohansen1> And I'm fixing another invalidation bug that keeps taking down anything using a compound label
17:00 <jjohansen1> so files, sockets, ..., stacking pretty much everything
17:00 * jjohansen1 sighs
17:01 <sarnold> :(
17:02 <jjohansen1> well I think thats it from me, sarnold your up
17:04 <sarnold> I'm in the happy place this week
17:05 <sarnold> I'm all caught up on the apparmor patches (I think) so I'm moving on to the MIR audits, it's amazing how quicklyu they pile up when I'm not looking..
17:05 <jdstrand> yes...
17:05 <tyhicks> sounds like it is about time to write some more apparmor patches
17:05 <tyhicks> ;)
17:06 <jdstrand> hah
17:06 <sarnold> haha :)
17:07 <sarnold> I started reading the developer.ubuntu.com docs last night and found a handful of problems that I'll file some bugreports for.. it's amazing how much is done already :) woo.
17:07 <sarnold> I think that's me covered, jdstrand back to you
17:08 <jdstrand> sarnold: are these security bugs or just regular bugs?
17:08 <sarnold> jdstrand: regular bugs :) woot
17:08 <jdstrand> ok, good :)
17:08 <jdstrand> [TOPIC] Highlighted packages
17:08 <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
17:08 <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
17:09 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/rawstudio.html
17:09 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/nagstamon.html
17:09 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/slim.html
17:09 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/ruby-passenger.html
17:09 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/autotrace.html
17:09 <jdstrand> [TOPIC] Miscellaneous and Questions
17:09 <jdstrand> Does anyone have any other questions or items to discuss?
17:09 <mdeslaur> jdstrand: we need to talk about who is doing watch during the holidays
17:10 <jdstrand> mdeslaur: yeah, I added that to my todo this morning
17:10 <mdeslaur> cool
17:10 <jdstrand> mdeslaur: thanks for reminding me
17:14 <jdstrand> mdeslaur, tyhicks, jjohansen1, sarnold: thanks!
17:14 <jdstrand> #endmeeting