16:45 <tyhicks> #startmeeting
16:45 <meetingology> Meeting started Mon Apr  6 16:45:07 2015 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:45 <meetingology> 
16:45 <meetingology> Available commands: action commands idea info link nick
16:45 * sbeattie o/
16:45 <tyhicks> The meeting agenda can be found at:
16:45 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:45 <tyhicks> [TOPIC] Announcements
16:46 <tyhicks> Thanks to Johan Van de Wauw (johanvdw) for security updates (14.04 through Vivid) for the community supported postgis (LP: #1438875) package last week. Your work is very much appreciated and will keep Ubuntu users secure. Great job! :)
16:46 <ubottu> Launchpad bug 1438875 in postgis (Ubuntu Vivid) "Database crash with invalid geoJSON input" [Medium,Fix released] https://launchpad.net/bugs/1438875
16:46 <tyhicks> [TOPIC] Weekly stand-up report
16:46 <tyhicks> jdstrand: you're up
16:46 <jdstrand> like last week, this week is snappy focused
16:47 <jdstrand> the security yaml bits landed last week for both apparmor and snappy and now I am writing review tools tests for that
16:48 <jdstrand> the framework policy bits landed last week for apparmor and is in review now for snappy. I wrote the review tools tests for that last week
16:48 <jdstrand> after I finish the security yaml review tools tests, I'm going to proceed to the hashes.yaml review tools tests
16:49 <jdstrand> I started the seccomp policy bits last week and will pick that up this week
16:49 <jdstrand> that's it from me
16:49 * sbeattie is up
16:49 <sbeattie> I'm on community this week.
16:50 <sbeattie> I have some more apparmor patches to review as well as trying to tie things up so we can do a trusty SRU with the python tools based on a 2.9.2 release
16:50 <sbeattie> And gcc-pie testing is still on my plate.
16:50 <tyhicks> perfect
16:51 <sbeattie> that's the priorities for my week. tyhicks, you're up.
16:51 <tyhicks> we need to get that trusty SRU out the door very soon
16:51 <sbeattie> yeah
16:51 <tyhicks> it is good to hear that we're getting close :)
16:52 <tyhicks> I'm on bug triage this week
16:52 <tyhicks> Vivid systemd/sbuild/schroot/kernel bugs (LP: #1427264) (LP: #1438942) (LP: #1439849)
16:52 <ubottu> Launchpad bug 1427264 in click (Ubuntu) "using ecryptfs, creating frameworks fail to bind mount issues" [High,Triaged] https://launchpad.net/bugs/1427264
16:52 <ubottu> Launchpad bug 1438942 in schroot (Ubuntu) "Host's /dev/shm is mounted over when entering 14.10 and older sbuild schroots" [High,Confirmed] https://launchpad.net/bugs/1438942
16:52 <ubottu> Launchpad bug 1439849 in linux (Ubuntu) "BUG: unable to handle kernel NULL pointer dereference at 0000000000000010" [High,In progress] https://launchpad.net/bugs/1439849
16:52 <tyhicks> Restart work on AppArmor kernel keyring mediation for user data encryption
16:52 <tyhicks> Finish up the patches to fix bug #1430532 and send them out for review
16:52 <ubottu> bug 1430532 in AppArmor "libapparmor needs a public function to break a context into a label and mode" [Medium,In progress] https://launchpad.net/bugs/1430532
16:53 <tyhicks> and either sarnold or myself need to get to the python-cryptography MIR (LP: #1430082)
16:53 <ubottu> Launchpad bug 1430082 in python-cryptography (Ubuntu) "[MIR] python-cryptography, python-cffi, pycparser, enum34" [High,New] https://launchpad.net/bugs/1430082
16:53 <tyhicks> that's it for me
16:53 <tyhicks> sarnold: you're up
16:53 <sarnold> I'm on cve triage this week
16:54 <sarnold> I finally feel like I'm getting the hang of the serverstack environment for openstack testing, too, which is nice; some things can be done via yaml and some things probably just need to be done via juju ssh --all
16:55 <sarnold> of course I still don't know why installing some new python glance libraries prevents new glance image uploads; the changes involved are about validating certificates, so perhaps it's supposed to fail now..
16:56 <sarnold> and since test runs there take either ten minutes or an hour and ten minutes, there'll be some time for small tasks, perhaps a MIR or apparmor patch review
16:56 <sarnold> that's it for me, tyhicks?
16:56 <tyhicks> sarnold: how about bumping the version of the current in-archive glance, without making any other changes, and seeing if glance image uploads work then?
16:58 <tyhicks> we can continue the conversation offline
16:58 <tyhicks> [TOPIC] Highlighted packages
16:59 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
16:59 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:59 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/lib3ds.html
16:59 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/libextlib-ruby.html
16:59 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/openarena.html
16:59 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/xmonad-contrib.html
16:59 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/lemonldap-ng.html
16:59 <tyhicks> [TOPIC] Miscellaneous and Questions
16:59 <tyhicks> Does anyone have any other questions or items to discuss?
17:00 <tyhicks> jdstrand, sbeattie, sarnold: Thanks!
17:00 <tyhicks> #endmeeting