16:35 <tyhicks> #startmeeting
16:35 <meetingology> Meeting started Mon Mar  9 16:35:27 2015 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:35 <meetingology> 
16:35 <meetingology> Available commands: action commands idea info link nick
16:35 <tyhicks> The meeting agenda can be found at:
16:35 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:35 <tyhicks> [TOPIC] Weekly stand-up report
16:35 <tyhicks> jdstrand: you're up
16:38 <jdstrand> today I am working on finishing up the review tools tests for snappy with what is currently defined in the packaging yaml
16:38 <jdstrand> I made a lot of progress last week and my changes introduced no regression with click reviews
16:38 <jdstrand> I have some finetuning to do for snappy
16:39 <jdstrand> I'll be doing uploads and syncing with the store team
16:39 <jdstrand> I have performance reviews to do
16:39 <jdstrand> that will be my main focus for the rest of today and coming days
16:39 <jdstrand> I hope to pickup the frameworks and hw access topics for snappy later in the week
16:39 <jdstrand> that's it from me
16:40 <mdeslaur> my turn I guess
16:40 <jdstrand> ah yes, sorry
16:40 <jdstrand> mdeslaur: you're up :)
16:40 <mdeslaur> I'm working on fixing the ABI break that broke the icu update last week
16:41 <mdeslaur> and after that, I have php5 and apache CVEs to fix
16:41 <jdstrand> was that only on precise?
16:41 <mdeslaur> yeah, only precise
16:41 <mdeslaur> I reverted the fix for now, so no rush
16:41 <mdeslaur> but I think I've got it now
16:41 <mdeslaur> that's pretty much it for me, sbeattie, you're up
16:41 <sbeattie> I'm on community this week
16:42 <sbeattie> I managed to get snappy set up, and am seeing the same dhclient profile issue that jdstrand saw.
16:42 <sbeattie> I need to get back to gcc testing
16:43 <sbeattie> Sorry, I plan to dig into the systemd/dhclient issue a bit more.
16:43 <sbeattie> I also need to review some apparmor patches and prepare for our monthly meeting.
16:44 <sbeattie> I think that's it for me. tyhicks?
16:44 <tyhicks> I'm on the bug triage role this week
16:45 <tyhicks> I am running an ecryptfs-update through some automated tests that I wrote last week and kirkland is doing manual testing
16:45 <tyhicks> that means that the ecryptfs-utils fix will land upstream and in ubuntu today if testing all goes as planned
16:46 <tyhicks> (stable releases and vivid)
16:46 <tyhicks> I expect to spend some time addressing feedback from the libapparmor cache loading patches that I sent to the list last week
16:47 <tyhicks> hopefully we can get all of those reviewed and landed upstream this week with a landing in vivid happening shortly after
16:47 <tyhicks> and I'll be working on AppArmor kernel keyring mediation for user data encryption
16:48 <tyhicks> jjohansen and I need to do one last sync regarding the apparmor and overlayfs issues and then pass some info around that back to jdstrand
16:48 <tyhicks> that's it for me
16:48 <tyhicks> jjohansen: you're up
16:49 <jjohansen> I am on apparmor again this week. I have some stuff to prepare for tomorrows apparmor meeting. I am going to finish up the patch review I started last week, I expect discuss the libapparmor policy api some more. Possibly file some bugs for the vivid issues that are annoying me the most.
16:49 <jjohansen> I need to follow-up with the kernel team on where Bug 1423810 and 1408833 are at (not applied yet).
16:49 <jjohansen> there will be some discussion around the overlayfs issue with tyhicks and jdstrand
16:49 <jjohansen> And of course do some more upstream cleanup, and submit a small set of patches upstream.
16:49 <ubottu> bug 1408833 in AppArmor "broken postinst test for uvtool-libvirt on utopic" [Undecided,Confirmed] https://launchpad.net/bugs/1408833
16:49 <ubottu> bug 1423810 in linux-manta (Ubuntu) "apparmor fd_inheritance regression test causes kernel to crash on touch kernel backports" [Medium,In progress] https://launchpad.net/bugs/1423810
16:50 <jjohansen> I think that is it from me, sarnold you're up
16:51 <sarnold> I'm one cve triage this week, it's another short week for me; I'm also working on MIR audits, and will switch over to openstack work wheh the server team has precise-essex work finished. I could do the TestungOpenstack stuff with locasl vms, but I'm feeling mighty behind on MIRs
16:51 <sarnold> I thihnk that's it for me, chrisccoulson?
16:52 <chrisccoulson> This week, I shall be continuing work on 2 Meizu bugs. Hopefully will have those done this week
16:53 <chrisccoulson> I still also need to get oxide out (that will probably be tomorrow)
16:53 <chrisccoulson> I've just got Chromium and Firefox updates out
16:53 <chrisccoulson> And I plan to work on my review queue as well
16:53 <chrisccoulson> I think that's about it
16:54 <tyhicks> chrisccoulson: by "get oxide out", do you mean an upstream release?
16:54 <tyhicks> (and if so, what will that version number be?)
16:54 <chrisccoulson> tyhicks, yeah - that's the version in https://launchpad.net/~ubuntu-mozilla-security/+archive/ubuntu/ppa
16:55 <tyhicks> chrisccoulson: thanks!
16:55 <jdstrand> sarnold: re precise-essex openstack work> is there progress on that? (ie, is the server team actively working on making it happen)?
16:55 <tyhicks> sarnold: I think you should only use TestingOpenstack for precise testing
16:56 <tyhicks> sarnold: and serverstack for everything else
16:56 <jdstrand> sarnold and I discussed that a bit before
16:57 <jdstrand> there is a vm I uploaded that is TestingOpenstack, TestingOpenstack is up to date for precise and QRT test-openstack.py has a --setup-something that should mostly work for openstack
16:58 <tyhicks> jdstrand: there was an update on the serverstack precise-essex status last week: https://bugs.launchpad.net/openstack-charm-testing/+bug/1423579/comments/2
16:58 <ubottu> Launchpad bug 1423579 in OpenStack Charm Testing "essex bundle needed for testing as it is in-support for +3yrs" [High,New]
16:58 <tyhicks> jdstrand: we'll need to follow up to see what their current feeling is regarding precise-essex support
16:59 <tyhicks> sarnold: can you do that follow up? ^
17:00 <jdstrand> tyhicks: yeah-- that is what prompted my question. I wasn't sure if there was more beyond that
17:01 <tyhicks> sarnold: 2 or 3 weeks back, we decided to shift focus to a few urgent MIRs and then last week we decided to continue MIR work while waiting one more week for serverstack to gain precise-essex support
17:02 <tyhicks> sarnold: I don't think we should push the updates back any more unless there are MIRs that are very urgent
17:02 <tyhicks> we can discuss this more offline
17:03 <tyhicks> jjohansen: the kernel is at 4.0-rc3
17:03 <jjohansen> tyhicks: yep
17:03 <tyhicks> jjohansen: that only gives you 2 or 3 weeks to prepare a pull request in order to land patches in 4.1
17:04 <jjohansen> tyhicks: right, I need to get the first small series up this week
17:04 <tyhicks> jjohansen: cool - I think libapparmor patch review and preparing a kernel patch series for upstreaming are the two biggest items for you this week
17:05 <jjohansen> right
17:05 <tyhicks> (and it already sounds like those are the biggest items that you're thinking about)
17:05 <tyhicks> cool
17:05 <sarnold> tyhicks: okay; I st5ill need to finish the actual MIR bits of python-saml2 and python-repoze.who; 1381450 and 1427852 and 1427861 are still not yet started
17:06 <tyhicks> sarnold: ok, lets discuss more after the meeting
17:06 <tyhicks> [TOPIC] Highlighted packages
17:06 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
17:06 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
17:06 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/xpdf.html
17:06 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/exactimage.html
17:06 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/zookeeper.html
17:06 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/libuser.html
17:06 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/jquery-jplayer.html
17:06 <tyhicks> [TOPIC] Miscellaneous and Questions
17:07 <tyhicks> Does anyone have any other questions or items to discuss?
17:08 <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson: thanks!
17:08 <tyhicks> #endmeeting