#ubuntu-meeting log

16:47 <jdstrand> #startmeeting
16:47 <meetingology> Meeting started Mon Sep 29 16:47:44 2014 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:47 <meetingology> 
16:47 <meetingology> Available commands: action commands idea info link nick
16:47 <jdstrand> The meeting agenda can be found at:
16:47 <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:48 <jdstrand> [TOPIC] Announcements
16:48 <jdstrand> Thanks to Jonathan Riddell (jr) who provided a debdiff for trusty for krfb (LP: #1374043). Your work is very much appreciated and will keep Ubuntu users secure. Great job! :)
16:48 <ubottu> Launchpad bug 1374043 in krfb (Ubuntu Utopic) "vulnerabilities in libvncserver" [Undecided,Fix released] https://launchpad.net/bugs/1374043
16:48 <jdstrand> [TOPIC] Review of any previous action items
16:48 <jdstrand> I'll go first
16:49 <jdstrand> last week I did quite a bit with apparmor and didn't do much else of what I planned. the good news is that utopic and rtm should be good to go with our current caching plans
16:50 <jdstrand> this week I'm on triage
16:50 <jdstrand> I plan to sponsor apparmor updates as I get them, and fix bugs as they come in
16:51 <jdstrand> I need to write policy for the ubuntu-downloader-manager uncompress helper
16:51 <jdstrand> and finetune the docker.io policy (I finished lxc and libvirt-lxc last week)
16:51 <jdstrand> I plan to adjust UCT for derivative branches
16:51 <jdstrand> have some click-reviewers-tools updates
16:51 <jdstrand> and patch piloting
16:52 <jdstrand> mdeslaur: you're up :)
16:52 <mdeslaur> I'm currently pushing out some libvncserver updates
16:52 <mdeslaur> and have a couple more in the list to work on
16:53 <mdeslaur> we may be getting more bash updates and possibly a regression fix this week, but the latest update should mitigate further parser issues
16:53 <mdeslaur> so the other updates aren't critical
16:53 <mdeslaur> friday I'm off
16:53 <mdeslaur> and...I'm on community this week
16:53 <mdeslaur> that's it for me, sbeattie?
16:54 <sbeattie> I'm currently poking at QRT, fixing up the kernel security checking script to compensate for a change in the reporting behavior around capabilities.
16:55 <sbeattie> I'm on apparmor this week; I need to review one last patch from tyhicks on the regression tests and a parser patch from jjohansen.
16:55 <tyhicks> thanks for all the patch review you did last week
16:55 <sbeattie> I'll also work on pulling an updated snapshot into utopic, as its only been bug fixes since our last snapshot.
16:56 <sbeattie> that's pretty much it for me. tyhicks?
16:56 <tyhicks> I'm just about done getting caught up from vacation last week
16:57 <tyhicks> I'm in the process of committing the apparmor AF_UNIX regression test patches that sbeattie reviewed for me
16:57 <tyhicks> I'll also send out an additional patch or two today to add a few more tests that he suggested
16:57 <tyhicks> after that, I'd like to get to a few things that I've had to ignore lately
16:58 <tyhicks> there are lots of comments that I need to respond to and/or address in the upstream dbus bug for apparmor mediation
16:58 <tyhicks> I need to prepare for the upcoming kernel merge window to get a few ecryptfs kernel fixes in
16:59 <tyhicks> other general ecryptfs maint duties that I've ignored recently
16:59 <tyhicks> and then it'd be nice to get back to the apparmor caching patches I was working on
16:59 <tyhicks> that's it for me
16:59 <tyhicks> jjohansen: you're up
17:00 <jjohansen> I am working on apparmor bugs this week. We will see if we can't get the last few kernel/parser bugs finally squashed.
17:01 <jjohansen> I need some time on upstream apparmor to prepare for the next opportunity for upstreaming
17:02 <jjohansen> And I expect I will also do a little poking around to make sure my bits are in place for an upstream 2.9 release, which should happen real soon now
17:03 <jdstrand> jjohansen: if you need help with kernel testing, let me know
17:03 <jjohansen> jdstrand: yep, I will
17:04 <jjohansen> I think that is it for me, sarnold you're up
17:05 <sarnold> I'm in the happy place this week; I'm working on several MIR audits, chances are good those will take the entire week. I may do some quick apparmor patch reviews as refreshers depending upon how things go.
17:06 <sarnold> that's it for me, chrisccoulson?
17:07 <chrisccoulson> sorry, I'm a bit unprepared because I've been talking in another channel :)
17:07 <chrisccoulson> hold on 1 sec
17:09 <chrisccoulson> so, this week I shall be finishing code reviews (I did one this morning)
17:10 <chrisccoulson> and, fingers crossed, landing bug 1260016
17:10 <ubottu> bug 1260016 in oxide-qt (Ubuntu RTM) "Add an API to allow defining custom URL scheme delegates" [Critical,In progress] https://launchpad.net/bugs/1260016
17:10 <chrisccoulson> (I made quite a few changes last week in preparation for this)
17:10 <chrisccoulson> other than that, fixing bugs as they come in too
17:10 <chrisccoulson> I think that's me done
17:13 <jdstrand> re 1260016> \o/
17:14 <jdstrand> chrisccoulson: I asked this in another channel, but since I have you here-- was the 2d canvas accel enabled for nexus devices?
17:15 <chrisccoulson> jdstrand, not yet. justin only provided the strings for krillin. I'm ok with that for now though (in the interests of avoiding scope creep)
17:19 <jdstrand> chrisccoulson: I understand that position. personally, as a dogfooder, I wouldn't mind that extending out since they said it worked there too (aiui)
17:19 <jdstrand> but anyhoo
17:19 * jdstrand was looking forward to having it on his phone, and was crushed to see it not there ;)
17:20 * jdstrand is not asking to change the decision, just providing user feedback
17:20 <jdstrand> ok, moving on
17:20 <jdstrand> [TOPIC] Highlighted packages
17:20 <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
17:20 <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
17:20 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/php-xajax.html
17:20 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/haskell-tls-extra.html
17:20 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/snack.html
17:21 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/libicc.html
17:21 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/freeipa.html
17:21 <jdstrand> [TOPIC] Miscellaneous and Questions
17:21 <jdstrand> Does anyone have any other questions or items to discuss?
17:24 <jdstrand> mdeslaur, sbeattie, tyhicks, jjohansen, sarnold, ChrisCoulson: thanks!
17:24 <jdstrand> #endmeeting