#ubuntu-meeting log

17:08 <tyhicks> #startmeeting
17:08 <meetingology> Meeting started Mon Jan 26 17:08:42 2015 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
17:08 <meetingology> 
17:08 <meetingology> Available commands: action commands idea info link nick
17:08 <jdstrand> hi! :)
17:08 <tyhicks> The meeting agenda can be found at:
17:09 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
17:09 <tyhicks> [TOPIC] Weekly stand-up report
17:09 <tyhicks> jdstrand: you're up
17:12 <jdstrand> today I am in the happy place
17:12 <jdstrand> err, this week
17:12 <jdstrand> today I am helping people address some phone bugs
17:13 <jdstrand> hopefully I'll be done with that soon, and I will be working on some snappy designs and planning
17:13 <jdstrand> I'm also working on an embargoed issue
17:13 <jdstrand> that's it from me
17:13 <jdstrand> mdeslaur: you're up
17:14 <mdeslaur> I'm on triage this week
17:14 <mdeslaur> I just published some updates
17:14 <mdeslaur> and plan on working on some more
17:14 <mdeslaur> that's about it from me, sbeattie, you're up
17:15 <sbeattie> I have an embargoed issue that I need to finish testing, and am also working on a binutils update.
17:15 <sbeattie> I need to get back on the gcc pie stuff (was looking at HJ Lu's upstream patches)
17:16 <sbeattie> And I think I have some apparmor review work outstanding.
17:16 <sbeattie> That's it for me. tyhicks, you're it.
17:16 <tyhicks> sbeattie: do you think you'll get to the gcc pie stuff with the reactive work you have planned?
17:16 <sbeattie> tyhicks: yes, I think so.
17:16 <tyhicks> good
17:17 <tyhicks> I'm focusing on bug #1362469 today
17:17 <ubottu> bug 1362469 in dbus (Ubuntu) "AppArmor unrequested reply protection generates unallowable denials" [Medium,In progress] https://launchpad.net/bugs/1362469
17:17 <tyhicks> it will probably take 2 or 3 days out of my week
17:18 <tyhicks> I also need to propose a new API for the libapparmor aa_features interface after talking with jj and others in #apparmor
17:18 <tyhicks> I have taken the security updates for patch
17:18 <tyhicks> but I plan on waiting for some of the dust to settle there
17:19 <tyhicks> there are pending CVE assignments on oss-security
17:19 * jdstrand forgot to mention he'd work on openjdk security updates
17:19 <tyhicks> and then I will transition to User Data Encryption work items but that'll be late this week at best
17:19 <tyhicks> that's it for me
17:19 <tyhicks> jj is away today
17:20 <tyhicks> so it is sarnold's turn
17:20 <sarnold> I'm on community this week; it's a short week for me, off thursday and friday
17:20 <sarnold> I'm working on a horizon security update that appears to require more backporting effort to precise than is usual for me, though I suspect it's business as usual for openstack updates
17:21 <sarnold> so wihle I will probably have trusty-and-newer updates ready to go before I leave, probably not trusty.
17:21 <sarnold> s/probably not trusty/probably not precise/
17:21 <sarnold> that's it for me, chrisccoulson?
17:22 <chrisccoulson> I'm hoping for no flash updates this week :)
17:22 <mdeslaur> hehe
17:22 <tyhicks> :)
17:22 <chrisccoulson> There will be a firefox update to address a couple of regressions, in particular, https://bugzilla.mozilla.org/show_bug.cgi?id=1122445
17:22 <ubottu> Mozilla bug 1122445 in DOM: Security "CSP change in behavior regards case sensitivity loading resources" [Major,Resolved: fixed]
17:22 <chrisccoulson> I'm also planning to get oxide 1.4 out (today, hopefully)
17:23 <chrisccoulson> and then I'll be making a start on https://launchpad.net/oxide/+milestone/branch-1.6
17:24 <tyhicks> chrisccoulson: does 1.4 contain the media-hub bits?
17:24 <chrisccoulson> I think that's me done
17:24 <chrisccoulson> tyhicks, it doesn't - that's in 1.5
17:24 <tyhicks> ack
17:24 <tyhicks> [TOPIC] Highlighted packages
17:24 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
17:25 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
17:25 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/eet.html
17:25 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/batmand.html
17:26 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/heirloom-mailx.html
17:26 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/gksu-polkit.html
17:26 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/libcgi-pm-perl.html
17:26 <tyhicks> [TOPIC] Miscellaneous and Questions
17:26 <tyhicks> Does anyone have any other questions or items to discuss?
17:28 <tyhicks> jdstrand, mdeslaur, sbeattie, sarnold, chrisccoulson: Thanks!
17:28 <tyhicks> #endmeeting