16:32 #startmeeting
16:32 Meeting started Mon Mar 30 16:32:16 2015 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:32 Available commands: action commands idea info link nick
16:32 The meeting agenda can be found at:
16:32 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:32 [TOPIC] Weekly stand-up report
16:32 jdstrand: you're up
16:34 \o
16:37 mdeslaur: would you mind going and then we'll swing back around to jdstrand?
16:37 sure!
16:37 I'm on community this week
16:37 and tomorrow I have patch piloting duties
16:37 I'm currently working on tiff and gnupg/libgcrypt updates
16:37 and I'll continue down the list, as usual
16:37 that's pretty much it, sbeattie?
16:37 I'm on bug triage this week
16:38 I'm finishing up testing apparmor for an upload to vivid today or tomorrow
16:38 I have some upstream patches to review
16:38 I also still have gcc testing on my plate
16:39 that's the priorities for me this week.
16:39 tyhicks: you're up.
16:39 I'm on cve triage this week
16:40 I focused heavily on landing the libapparmor policy cache API changes into upstream apparmor last week
16:40 there are a few pending improvements/fixups needed but all of those patches are out on the list except for one
16:41 I'm still working on what would be the best approach
16:41 as for the other work I plan to do this week...
16:41 Review the initial snappy launcher code
16:41 Restart work on AppArmor kernel keyring mediation for user data encryption
16:41 Finish up the patches to fix bug #1430532 and send them out for review
16:41 bug 1430532 in AppArmor "libapparmor needs a public function to break a context into a label and mode" [Medium,In progress] https://launchpad.net/bugs/1430532
16:42 and either sarnold or myself need to pick up the python-cryptography MIR (LP: #1430082) this week
16:42 Launchpad bug 1430082 in python-cryptography (Ubuntu) "[MIR] python-cryptography, python-cffi, pycparser, enum34" [High,New] https://launchpad.net/bugs/1430082
16:42 we'll discuss that later
16:42 that's it for me
16:42 jjohansen: you're up
16:44 so I have a lot of catching up to do this week, I have all too much email to dig (who am I kidding, skim) through, several patches to review, kernel workflow to catch up on and then back to working on apparmor cleanups
16:44 "undo last week" :)
16:45 jjohansen: before your vacation, you were working on finishing up fixes for bug #1431717 and bug #1430546
16:45 bug 1431717 in AppArmor "audit qualifier does not become effective" [Undecided,Confirmed] https://launchpad.net/bugs/1431717
16:45 bug 1430546 in linux (Ubuntu) "apparmor kernel BUG kills firefox" [Medium,Triaged] https://launchpad.net/bugs/1430546
16:45 * jdstrand says hello
16:45 jjohansen: do you still have work to do on those?
16:46 tyhicks: yep, so I bug #1431717 has its fix checked in, and I just have a few edits to patches to the set of man page updates that fell out of that
16:46 bug 1431717 in AppArmor "audit qualifier does not become effective" [Undecided,Confirmed] https://launchpad.net/bugs/1431717
16:47 ah, that's right
16:47 and I need to check back in on bug #1430546, which I was waiting for testing of a patched kernel on
16:47 bug 1430546 in linux (Ubuntu) "apparmor kernel BUG kills firefox" [Medium,Triaged] https://launchpad.net/bugs/1430546
16:48 jjohansen: I see that you're still waiting on testing
16:48 yeah
16:48 jjohansen: that's something that I can help with in a day or two if the original reporter doesn't get back to you
16:48 * jjohansen too
16:48 ack thanks
16:48 I think that is it for me, sarnold you're up
16:49 jjohansen: one last reminder, you were also going to 'Followup with kernel team regarding the bug #1423810 and #1423810 fixes landing'
16:49 bug 1423810 in linux-manta (Ubuntu) "apparmor fd_inheritance regression test causes kernel to crash on touch kernel backports" [Medium,In progress] https://launchpad.net/bugs/1423810
16:49 (no comment needed - just throwing it out there since it was in my notes)
16:49 sarnold: go ahead :)
16:49 ack
16:50 I'm in the happy place this week; I'm working on the server-stack automated openstack testing, which is finally feeling some progress; I think the glance changes in the PPA broke image uploading, so it might even be paying dividends already
16:50 tyhicks: FYI, 1431717 should be fixed in vivid in with the pending apparmor upload
16:50 oh nice :)
16:51 there's also some still-outstanding MIRs to work on, conntrack, python-cryptography, ppc64-diag's dependencies.. I won't have time to get through them all, but I should be able to do one this week and probably progress on more
16:51 I also saw some SRU fixes requiring testing, I thought some of those might be worth working on too
16:52 I hate seeing fixes go wasted
16:52 that's it for me, chrisccoulson?
16:52 sarnold: I'd suggest python-cryptography as the first MIR to get back to
16:52 This week, I've got Mozilla updates to do
16:53 I've also still got some work to do to make future firefox releases (from 38 onwards) build on precise. I have it built successfully using a standalone build of gcc 4.8 now, but it doesn't have the hardening flags atm
16:53 that sounds like good progress
16:54 I got http://bazaar.launchpad.net/~oxide-developers/oxide/oxide.trunk/revision/1017 landed last week too, which fixed the main issues with the browser on arale :)
16:54 \o/
16:55 other than that, I'll be focused on bug 1428754, bug 1410996 and bug 1422920
16:55 chrisccoulson: is bug #1428754 still on your radar for this week?
16:55 bug 1428754 in Oxide "Persist permission request decisions for a session" [High,Triaged] https://launchpad.net/bugs/1428754
16:55 I think that's me done
16:55 bug 1410996 in Oxide "Add WebView.mediaAccessPermissionRequested API" [High,In progress] https://launchpad.net/bugs/1410996
16:55 bug 1422920 in Oxide "Additions to LocationBarController API" [Medium,Triaged] https://launchpad.net/bugs/1422920
16:55 nevermind :)
16:55 tyhicks, yeah :)
16:56 jdstrand: you're up
16:56 sorry I was late
16:57 so, I think sbeattie and I might have miscommunicated slightly on apparmor. I tested it and click-apparmor over the weekend and this morning and just publiched to the archive
16:57 published*
16:57 d'oh
16:57 jdstrand: no worries.
16:57 I know sbeattie tested previous binaries, but then I uploaded the final one over the weekend
16:58 (which didn't change his patches, but did need a recompile of course)
16:58 well that's even better since it takes something off his plate for the week
16:58 I'm now going to be reviewing mvo's framework policies branch for snappy
16:58 I have review tools updates for the week
16:58 and also looking at reviewing mvo's seccomp launcher branch
16:59 which means I'll be preparing seccomp policy
16:59 I also have an embargoed issue
16:59 that's it from me
17:00 jdstrand: sorry that I still haven't been able to review the launcher branch - is that something that both of us should do or just one of us?
17:00 (that was one of the things that I intended to get to this week, too)
17:02 tyhicks: well, I just didn't want mvo to be blocked on it. at this point I can do it but I'll ask if I need help
17:02 ok
17:04 [TOPIC] Highlighted packages
17:04 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
17:04 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
17:04 http://people.canonical.com/~ubuntu-security/cve/pkg/nsd3.html
17:04 http://people.canonical.com/~ubuntu-security/cve/pkg/webfs.html
17:04 http://people.canonical.com/~ubuntu-security/cve/pkg/musl.html
17:04 http://people.canonical.com/~ubuntu-security/cve/pkg/gcc-4.6-armhf-cross.html
17:05 http://people.canonical.com/~ubuntu-security/cve/pkg/aria2.html
17:06 [TOPIC] Miscellaneous and Questions
17:06 Does anyone have any other questions or items to discuss?
17:07 jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, chriscoulson: Thanks!
17:07 #endmeeting