16:32 <tyhicks> #startmeeting
16:32 <meetingology> Meeting started Mon Mar 30 16:32:16 2015 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:32 <meetingology> 
16:32 <meetingology> Available commands: action commands idea info link nick
16:32 <tyhicks> The meeting agenda can be found at:
16:32 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:32 <tyhicks> [TOPIC] Weekly stand-up report
16:32 <tyhicks> jdstrand: you're up
16:34 <mdeslaur> \o
16:37 <tyhicks> mdeslaur: would you mind going and then we'll swing back around to jdstrand?
16:37 <mdeslaur> sure!
16:37 <mdeslaur> I'm on community this week
16:37 <mdeslaur> and tomorrow I have patch piloting duties
16:37 <mdeslaur> I'm currently working on tiff and gnupg/libgcrypt updates
16:37 <mdeslaur> and I'll continue down the list, as usual
16:37 <mdeslaur> that's pretty much it, sbeattie?
16:37 <sbeattie> I'm on bug triage this week
16:38 <sbeattie> I'm finishing up testing apparmor for an upload to vivid today or tomorrow
16:38 <sbeattie> I have some upstream patches to review
16:38 <sbeattie> I also still have gcc testing on my plate
16:39 <sbeattie> that's the prioroities for me this week.
16:39 <sbeattie> tyhicks: you're up.
16:39 <tyhicks> I'm on cve triage this week
16:40 <tyhicks> I focused heavily on landing the libapparmor policy cache API changes into upstream apparmor last week
16:40 <tyhicks> there are a few pending improvements/fixups needed but all of those patches are out on the list except for one
16:41 <tyhicks> I'm still working on what would be the best approach
16:41 <tyhicks> as for the other work I plan to do this week...
16:41 <tyhicks> Review the initial snappy launcher code
16:41 <tyhicks> Restart work on AppArmor kernel keyring mediation for user data encryption
16:41 <tyhicks> Finish up the patches to fix bug #1430532 and send them out for review
16:41 <ubottu> bug 1430532 in AppArmor "libapparmor needs a public function to break a context into a label and mode" [Medium,In progress] https://launchpad.net/bugs/1430532
16:42 <tyhicks> and either sarnold or myself need to pick up the python-cryptography MIR (LP: #1430082) this week
16:42 <ubottu> Launchpad bug 1430082 in python-cryptography (Ubuntu) "[MIR] python-cryptography, python-cffi, pycparser, enum34" [High,New] https://launchpad.net/bugs/1430082
16:42 <tyhicks> we'll discuss that later
16:42 <tyhicks> that's it for me
16:42 <tyhicks> jjohansen: you're up
16:44 <jjohansen> so I have a lot of catching up to do this week, I have all too much email to dig (who am I kidding, skim) through, several patches to review, kernel workflow to catchup on and then back to working on apparmor cleanups
16:44 <sarnold> "undo last week" :)
16:45 <tyhicks> jjohansen: before your vacation, you were working on finishing up fixes for bug #1431717 and bug #1430546
16:45 <ubottu> bug 1431717 in AppArmor "audit qualifier does not become effective" [Undecided,Confirmed] https://launchpad.net/bugs/1431717
16:45 <ubottu> bug 1430546 in linux (Ubuntu) "apparmor kernel BUG kills firefox" [Medium,Triaged] https://launchpad.net/bugs/1430546
16:45 * jdstrand says hello
16:45 <tyhicks> jjohansen: do you still have work to do on those?
16:46 <jjohansen> tyhicks: yep, so I bug #1431717 has its fix checked in, and I just have a few edits to patches to the set of man page updates that fell out of that
16:46 <ubottu> bug 1431717 in AppArmor "audit qualifier does not become effective" [Undecided,Confirmed] https://launchpad.net/bugs/1431717
16:47 <tyhicks> ah, that's right
16:47 <jjohansen> and I need to check back in on  bug #1430546, which I was waiting for testing of a patched kernel on
16:47 <ubottu> bug 1430546 in linux (Ubuntu) "apparmor kernel BUG kills firefox" [Medium,Triaged] https://launchpad.net/bugs/1430546
16:48 <tyhicks> jjohansen: I see that you're still waiting on testing
16:48 <jjohansen> yeah
16:48 <tyhicks> jjohansen: that's something that I can help with in a day or two if the original reporter doesn't get back to you
16:48 * jjohansen too
16:48 <jjohansen> ack thanks
16:48 <jjohansen> I think that is it for me, sarnold you're up
16:49 <tyhicks> jjohansen: one last reminder, you were also going to 'Followup with kernel team regarding the bug #1423810 and #1423810 fixes landing'
16:49 <ubottu> bug 1423810 in linux-manta (Ubuntu) "apparmor fd_inheritance regression test causes kernel to crash on touch kernel backports" [Medium,In progress] https://launchpad.net/bugs/1423810
16:49 <tyhicks> (no comment needed - just throwing it out there since it was in my notes)
16:49 <tyhicks> sarnold: go ahead :)
16:49 <jjohansen> ack
16:50 <sarnold> I'm in the happy place this week; I'm working on the server-stack automated openstack testing, which is finally feeliung some progress; I think the glance changes in the PPA broke image uploading, so it might even be paying dividends already
16:50 <sbeattie> tyhicks: FYI, 1431717 should be fixed in vivid in with the pending apparmor upload
16:50 <tyhicks> oh nice :)
16:51 <sarnold> there's also some still-outstanding MIRs to work on, conntrack, python-cryptography, ppc64-diag's dependencies.. I won't have time to get through them all, but I should be able to do one this week and probably progress on more
16:51 <sarnold> I also saw some SRU fixes requiring testing, I thought some of thos emight be worth working on too
16:52 <sarnold> I hate seeing fixes go wasted
16:52 <sarnold> that's it for me, chrisccoulson?
16:52 <tyhicks> sarnold: I'd suggest python-cryptography as the first MIR to get back to
16:52 <chrisccoulson> This week, I've got Mozilla updates to do
16:53 <chrisccoulson> I've also still got some work to do to make future firefox releases (from 38 onwards) build on precise. I have it built successfully using a standalone build of gcc 4.8 now, but it doesn't have the hardening flags atm
16:53 <tyhicks> that sounds like good progress
16:54 <chrisccoulson> I got http://bazaar.launchpad.net/~oxide-developers/oxide/oxide.trunk/revision/1017 landed last week too, which fixed the main issues with the browser on arale :)
16:54 <tyhicks> \o/
16:55 <chrisccoulson> other than that, I'll be focused on bug 1428754, bug  1410996 and bug 1422920
16:55 <tyhicks> chrisccoulson: is bug #1428754 still on your radar for this week?
16:55 <ubottu> bug 1428754 in Oxide "Persist permission request decisions for a session" [High,Triaged] https://launchpad.net/bugs/1428754
16:55 <chrisccoulson> I think that's me done
16:55 <ubottu> bug 1410996 in Oxide "Add WebView.mediaAccessPermissionRequested API" [High,In progress] https://launchpad.net/bugs/1410996
16:55 <ubottu> bug 1422920 in Oxide "Additions to LocationBarController API" [Medium,Triaged] https://launchpad.net/bugs/1422920
16:55 <tyhicks> nevermind :)
16:55 <chrisccoulson> tyhicks, yeah :)
16:56 <tyhicks> jdstrand: you're up
16:56 <jdstrand> sorry I was late
16:57 <jdstrand> so, I think sbeattie and I might have miscommunicated slightly on apparmor. I tested it and click-apparmor over the weekend and this morning and just publiched to the archive
16:57 <jdstrand> published*
16:57 <sarnold> d'oh
16:57 <sbeattie> jdstrand: no worries.
16:57 <jdstrand> I know sbeattie tested previous binaries, but then I uploaded the final one over the weekend
16:58 <jdstrand> (which didn't change his patches, but did need a recompile of course)
16:58 <tyhicks> well that's even better since it takes something off his plate for the week
16:58 <jdstrand> I'm now going to be reviewing mvo's framework policies branch for snappy
16:58 <jdstrand> I have review tools updates for the week
16:58 <jdstrand> and also looking at reviewing mvo's seccomp launcher branch
16:59 <jdstrand> which means I'll be preparing seccomp policy
16:59 <jdstrand> I also have an embargoed issue
16:59 <jdstrand> that's it from me
17:00 <tyhicks> jdstrand: sorry taht I still haven't been able to review the launcher branch - is that something that both of us should do or just one of us?
17:00 <tyhicks> (that was one of the things that I intended to get to this week, too)
17:02 <jdstrand> tyhicks: well, I just didn't want mvo to be blocked on it. at this point I can do it but I'll ask if I need help
17:02 <tyhicks> ok
17:04 <tyhicks> [TOPIC] Highlighted packages
17:04 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
17:04 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
17:04 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/nsd3.html
17:04 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/webfs.html
17:04 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/musl.html
17:04 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/gcc-4.6-armhf-cross.html
17:05 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/aria2.html
17:06 <tyhicks> [TOPIC] Miscellaneous and Questions
17:06 <tyhicks> Does anyone have any other questions or items to discuss?
17:07 <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, chriscoulson: Thanks!
17:07 <tyhicks> #endmeeting