== Meeting information == * #ubuntu-meeting Meeting, 29 Sep at 16:47 — 17:24 UTC * Full logs at [[http://ubottu.com/meetingology/logs/ubuntu-meeting/2014/ubuntu-meeting.2014-09-29-16.47.log.html]] == Meeting summary == ''LINK:'' https://wiki.ubuntu.com/SecurityTeam/Meeting === Announcements === The discussion about "Announcements" started at 16:48. === Review of any previous action items === The discussion about "Review of any previous action items" started at 16:48. === Highlighted packages === The discussion about "Highlighted packages" started at 17:20. * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/php-xajax.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/haskell-tls-extra.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/snack.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/libicc.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/freeipa.html === Miscellaneous and Questions === The discussion about "Miscellaneous and Questions" started at 17:21. == Vote results == == Done items == * (none) == People present (lines said) == * jdstrand (36) * tyhicks (11) * chrisccoulson (8) * mdeslaur (7) * jjohansen (5) * sbeattie (4) * meetingology (3) * sarnold (2) * ubottu (2) == Full Log == 16:47 #startmeeting 16:47 Meeting started Mon Sep 29 16:47:44 2014 UTC. The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:47 16:47 Available commands: action commands idea info link nick 16:47 The meeting agenda can be found at: 16:47 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:48 [TOPIC] Announcements 16:48 Thanks to Jonathan Riddell (jr) who provided a debdiff for trusty for krfb (LP: #1374043). Your work is very much appreciated and will keep Ubuntu users secure. Great job! :) 16:48 Launchpad bug 1374043 in krfb (Ubuntu Utopic) "vulnerabilities in libvncserver" [Undecided,Fix released] https://launchpad.net/bugs/1374043 16:48 [TOPIC] Review of any previous action items 16:48 I'll go first 16:49 last week I did quite a bit with apparmor and didn't do much else of what I planned. the good news is that utopic and rtm should be good to go with our current caching plans 16:50 this week I'm on triage 16:50 I plan to sponsor apparmor updates as I get them, and fix bugs as they come in 16:51 I need to write policy for the ubuntu-downloader-manager uncompress helper 16:51 and finetune the docker.io policy (I finished lxc and libvirt-lxc last week) 16:51 I plan to adjust UCT for derivative branches 16:51 have some click-reviewers-tools updates 16:51 and patch piloting 16:52 mdeslaur: you're up :) 16:52 I'm currently pushing out some libvncserver updates 16:52 and have a couple more in the list to work on 16:53 we may be getting more bash updates and possibly a regression fix this week, but the latest update should mitigate further parser issues 16:53 so the other updates aren't critical 16:53 friday I'm off 16:53 and...I'm on community this week 16:53 that's it for me, sbeattie? 16:54 I'm currently poking at QRT, fixing up the kernel security checking script to compensate for a change in the reporting behavior around capabilities. 16:55 I'm on apparmor this week; I need to review one last patch from tyhicks on the regression tests and a parser patch from jjohansen. 16:55 thanks for all the patch review you did last week 16:55 I'll also work on pulling an updated snapshot into utopic, as its only been bug fixes since our last snapshot. 16:56 that's pretty much it for me. tyhicks? 16:56 I'm just about done getting caught up from vacation last week 16:57 I'm in the process of committing the apparmor AF_UNIX regression test patches that sbeattie reviewed for me 16:57 I'll also send out an additional patch or two today to add a few more tests that he suggested 16:57 after that, I'd like to get to a few things that I've had to ignore lately 16:58 there are lots of comments that I need to respond to and/or address in the upstream dbus bug for apparmor mediation 16:58 I need to prepare for the upcoming kernel merge window to get a few ecryptfs kernel fixes in 16:59 other general ecryptfs maint duties that I've ignored recently 16:59 and then it'd be nice to get back to the apparmor caching patches I was working on 16:59 that's it for me 16:59 jjohansen: you're up 17:00 I am working on apparmor bugs this week. We will see if we can't get the last few kernel/parser bugs finally squashed. 17:01 I need some time on upstream apparmor to prepare for the next opportunity for upstreaming 17:02 And I expect I will also do a little poking around to make sure my bits are in place for an upstream 2.9 release, which should happen real soon now 17:03 jjohansen: if you need help with kernel testing, let me know 17:03 jdstrand: yep, I will 17:04 I think that is it for me, sarnold you're up 17:05 I'm in the happy place this week; I'm working on several MIR audits, chances are good those will take the entire week. I may do some quick apparmor patch reviews as refreshers depending upon how things go. 17:06 that's it for me, chrisccoulson? 17:07 sorry, I'm a bit unprepared because I've been talking in another channel :) 17:07 hold on 1 sec 17:09 so, this week I shall be finishing code reviews (I did one this morning) 17:10 and, fingers crossed, landing bug 1260016 17:10 bug 1260016 in oxide-qt (Ubuntu RTM) "Add an API to allow defining custom URL scheme delegates" [Critical,In progress] https://launchpad.net/bugs/1260016 17:10 (I made quite a few changes last week in preparation for this) 17:10 other than that, fixing bugs as they come in too 17:10 I think that's me done 17:13 re 1260016> \o/ 17:14 chrisccoulson: I asked this in another channel, but since I have you here-- was the 2d canvas accel enabled for nexus devices? 17:15 jdstrand, not yet. justin only provided the strings for krillin. I'm ok with that for now though (in the interests of avoiding scope creep) 17:19 chrisccoulson: I understand that position. personally, as a dogfooder, I wouldn't mind that extending out since they said it worked there too (aiui) 17:19 but anyhoo 17:19 * jdstrand was looking forward to having it on his phone, and was crushed to see it not there ;) 17:20 * jdstrand is not asking to change the decision, just providing user feedback 17:20 ok, moving on 17:20 [TOPIC] Highlighted packages 17:20 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 17:20 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 17:20 http://people.canonical.com/~ubuntu-security/cve/pkg/php-xajax.html 17:20 http://people.canonical.com/~ubuntu-security/cve/pkg/haskell-tls-extra.html 17:20 http://people.canonical.com/~ubuntu-security/cve/pkg/snack.html 17:21 http://people.canonical.com/~ubuntu-security/cve/pkg/libicc.html 17:21 http://people.canonical.com/~ubuntu-security/cve/pkg/freeipa.html 17:21 [TOPIC] Miscellaneous and Questions 17:21 Does anyone have any other questions or items to discuss? 17:24 mdeslaur, sbeattie, tyhicks, jjohansen, sarnold, ChrisCoulson: thanks! 17:24 #endmeeting Generated by MeetBot 0.1.5 (http://wiki.ubuntu.com/meetingology)