== Meeting information == * #ubuntu-meeting Meeting, 03 Aug at 16:31 — 16:48 UTC * Full logs at [[http://ubottu.com/meetingology/logs/ubuntu-meeting/2015/ubuntu-meeting.2015-08-03-16.31.log.html]] == Meeting summary == ''LINK:'' https://wiki.ubuntu.com/SecurityTeam/Meeting === Announcements === The discussion about "Announcements" started at 16:32. === Weekly stand-up report === The discussion about "Weekly stand-up report" started at 16:32. === Highlighted packages === The discussion about "Highlighted packages" started at 16:45. * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/xorg-server-lts-utopic.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/lft.html === Miscellaneous and Questions === The discussion about "Miscellaneous and Questions" started at 16:46. * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/libspoon-perl.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/libdancer-perl.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/lwipv6.html == Vote results == == Done items == * (none) == People present (lines said) == * tyhicks (37) * sarnold (8) * jjohansen (7) * mdeslaur (4) * sbeattie (4) * ubottu (3) * meetingology (3) == Full Log == 16:31 #startmeeting 16:31 Meeting started Mon Aug 3 16:31:45 2015 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:31 16:31 Available commands: action commands idea info link nick 16:31 \o 16:32 The meeting agenda can be found at: 16:32 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:32 [TOPIC] Announcements 16:32 Seyeong Kim (xtrusia) provided debdiffs for trusty-wily for pcre3 (LP: #1396768) 16:32 Launchpad bug 1396768 in pcre3 (Ubuntu Vivid) "pcre3 vulnerability CVE-2014, 2015" [Undecided,Fix released] https://launchpad.net/bugs/1396768 16:32 Your contributions are greatly appreciated! :) 16:32 [TOPIC] Weekly stand-up report 16:32 mdeslaur: you're up 16:32 I'm out all week as I'm going to a conference 16:33 today I'm preparing my travel laptop 16:33 that's it from me, sbeattie, you're up 16:33 I'm taking cve triage for mdeslaur this week, since he's gone and I'll be at a conference next week, when it would be my turn. 16:34 I'm testing my fix to the apparmor 2.10 regression that prevented it from migrating to wily from proposed 16:34 I've also got openjdk-6 on my plate this week 16:35 That's pretty much my priorities for this week. tyhicks, you're up. 16:36 I'm on community this week 16:36 I have a couple designs to work on 16:38 I have an embargoed issue 16:39 I need to drum up someone to verify the fix for bug #1473584 16:39 bug 1473584 in linux-manta (Ubuntu Vivid) "AUDIT_USER_AVC messages are not printk'ed when auditd is not running" [Undecided,Fix committed] https://launchpad.net/bugs/1473584 16:39 I think jjohansen is going to help me there if he has a chance 16:39 sure 16:40 and I need to finish the fix for a stale dcache issue in eCryptfs reported on Friday 16:40 shouldn't be much work left there 16:40 that's it for me 16:40 jjohansen: you're up 16:40 I need to finish investigating bind mount issue with apparmor lxd in snappy 16:40 look into secure exec around the 4.2 rebase of apparmor 16:40 send some apparmor patches upstream for 4.3 16:40 still need to finish reviewing the dconf userspace patches 16:40 continue working on the fix for bug #1448912 16:40 bug 1448912 in AppArmor "BUG: unable to handle kernel NULL pointer dereference (aa_label_merge)" [Medium,Confirmed] https://launchpad.net/bugs/1448912 16:41 thats it for me sarnold you're up 16:41 I'm on bug triage this week 16:42 I need to have a conversation with till about testing ippusbxd, when doing the mir I wondered if it was working as advertised, and realized that we can't really test this thing end-to-end like we do with most packages 16:43 most of the work with the mir is done, it'd just be useful to have an irc chat with till, rather than back-and-forth over bugmail. oh well, it'll work either way.. 16:44 I suspect I'll pick up more MIRs this week, though may do reactive work if needed 16:44 sarnold: he should be catchable over irc 16:44 and might do an apparmor review or two for a change of pace 16:44 tyhicks: yeah, I suspect summertime has just made it less likely for us to see each other 16:44 * tyhicks nods 16:44 sarnold: would you be able to publish the openstack updates today? 16:44 tyhicks: sure 16:45 sarnold: that'll be a huge help - thanks! 16:45 sarnold: we can sync up afterwards 16:45 it'll feel great have those moving :) 16:45 Chris is likely having connectivity issues 16:45 yes 16:45 I think we're done with stand-up reports 16:45 [TOPIC] Highlighted packages 16:46 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:46 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:46 http://people.canonical.com/~ubuntu-security/cve/pkg/xorg-server-lts-utopic.html 16:46 http://people.canonical.com/~ubuntu-security/cve/pkg/lft.html 16:46 [TOPIC] Miscellaneous and Questions 16:46 http://people.canonical.com/~ubuntu-security/cve/pkg/libspoon-perl.html 16:46 http://people.canonical.com/~ubuntu-security/cve/pkg/libdancer-perl.html 16:46 Does anyone have any other questions or items to discuss? 16:46 http://people.canonical.com/~ubuntu-security/cve/pkg/lwipv6.html 16:48 mdeslaur, sbeattie, jjohansen, sarnold: Thanks! 16:48 #endmeeting Generated by MeetBot 0.1.5 (http://wiki.ubuntu.com/meetingology)