== Meeting information == * #ubuntu-meeting Meeting, 19 Oct at 16:34 — 17:03 UTC * Full logs at [[http://ubottu.com/meetingology/logs/ubuntu-meeting/2015/ubuntu-meeting.2015-10-19-16.34.log.html]] == Meeting summary == ''LINK:'' https://wiki.ubuntu.com/SecurityTeam/Meeting === Announcements === The discussion about "Announcements" started at 16:35. === Weekly stand-up report === The discussion about "Weekly stand-up report" started at 16:35. === Highlighted packages === The discussion about "Highlighted packages" started at 16:58. * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/libjboss-cache2-java.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/gcc-4.9-powerpc-cross.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/libplack-perl.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/puppet-module-puppetlabs-stdlib.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/mosh.html === Miscellaneous and Questions === The discussion about "Miscellaneous and Questions" started at 16:58. == Vote results == == Done items == * (none) == People present (lines said) == * tyhicks (36) * sbeattie (9) * sarnold (7) * mdeslaur (7) * jdstrand (7) * jjohansen (7) * chrisccoulson (5) * meetingology (3) * ubottu (1) == Full Log == 16:34 #startmeeting 16:34 Meeting started Mon Oct 19 16:34:15 2015 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:34 16:34 Available commands: action commands idea info link nick 16:34 The meeting agenda can be found at: 16:35 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:35 [TOPIC] Announcements 16:35 Thanks to Martin Pitt (pitti) for providing precise-wily debdiffs for postgresql packages (LP: #1504132) 16:35 Launchpad bug 1504132 in postgresql-9.4 (Ubuntu Wily) "New upstream microreleases 9.1.19, 9.3.10, 9.4.5" [High,Fix released] https://launchpad.net/bugs/1504132 16:35 [TOPIC] Weekly stand-up report 16:35 jdstrand: you're up 16:37 zzzzzzzz 16:37 * mdeslaur pokes jdstrand with pointy stick 16:37 hey 16:37 sorry 16:37 that got his attention ;) 16:38 so, right now I'm working on getting snappy-debug into the store. I'm almost done with that 16:38 after that, will be looking at identifying tasks for the post-mortem meeting for the update last week 16:38 I also have several embargoed issues 16:39 s/the update/the click update/ 16:39 that's it from me 16:40 guess it's my turn 16:40 I'm back from vacation, so I'm in email ketchup mode today 16:40 and I'm on triage this week 16:41 and will be looking at the list of required updates, and will pick something to work on 16:41 that's about it, sbeattie? 16:41 I'm in the happy place this week 16:41 I have a miniupnpc update in the pipeline that I'll be finishing up. 16:42 I 16:42 bleah 16:42 I'm currently refreshing my gcc-pie patches and adding bind-now to the defautls 16:43 I need to go through the backlog of apparmor patches 16:43 I may pick up another update as the list has grown large 16:43 that's probably it for my week 16:44 sbeattie: where do you want to be with the gcc-pie patches before we sprint with foundations? 16:45 tyhicks: I want to have a patch with bind-now enabled as well to hand off. 16:46 sbeattie: ok, lets sync up with doko to see what his thoughts are for what should be done going into that week 16:46 I'm in the community role this week 16:47 I'm currently doing a design/code review of Mir attestable timestamps 16:47 after that, I'll start the mapplauncherd code review to see how the security team's feedback was incorporated in 16:48 as part of that review, I signed up to create an AppArmor profile for confining the booster processes 16:48 if I get through both of those things, I'll look at our backlog 16:48 jjohansen: you're up 16:48 * jjohansen gives tyhicks a consoling pat on the back 16:49 I am working on the apparmor stacking patches 16:50 I should also get around to building some test kernels for the bug fixes that people can run if they want 16:50 jjohansen: regarding stacking, are you still mainly focused on kernel code or have you gotten into parser/libapparmor/tests yet? 16:50 tyhicks: kernel still 16:51 ah, reviewing some of your AppArmor kernel fixes and possibly preparing kteam pull requests is something else that I want to get to this week 16:52 I think that is it for me 16:52 jjohansen: is that all for you this week? (hopefully you'll get a chance to spend quality time on stacking) 16:52 nice! 16:52 yep 16:52 sarnold: you're up 16:53 i'm on bug triage this week 16:53 I've got a stack of patches from jjohansen that I'm reviewing 16:53 are there any MIRs that we can do last-minute to make someone happy? 16:54 sarnold: I'll have a look and get back to you on that 16:54 thanks 16:54 * sarnold adds one more thing to tyhicks's pile :) 16:54 sarnold: would you like some more presents to add to your pile, I have a nice queue of another 20 or so you could start in on? :P 16:54 nah :) 16:55 jjohansen: \o/ :) 16:55 chrisccoulson? 16:55 This week, I need to publish Oxide (will probably do that tomorrow now). 16:56 I also need to get the crash reporter back on in Firefox, which means updating my scripts to push our symbols to their new upload API (which I have access to since last week) 16:56 Other than that, I'd like to land https://code.launchpad.net/~chrisccoulson/oxide/lp1504853/+merge/274525 because it fixes some issues with how certificate errors are handled in the browser 16:56 But it depends on https://code.launchpad.net/~chrisccoulson/oxide/refactor-webview-rwhv-interation/+merge/274723, which is ongoing 16:56 I think that's me done 16:58 thanks! 16:58 [TOPIC] Highlighted packages 16:58 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:58 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:58 http://people.canonical.com/~ubuntu-security/cve/pkg/libjboss-cache2-java.html 16:58 http://people.canonical.com/~ubuntu-security/cve/pkg/gcc-4.9-powerpc-cross.html 16:58 http://people.canonical.com/~ubuntu-security/cve/pkg/libplack-perl.html 16:58 http://people.canonical.com/~ubuntu-security/cve/pkg/puppet-module-puppetlabs-stdlib.html 16:58 http://people.canonical.com/~ubuntu-security/cve/pkg/mosh.html 16:58 [TOPIC] Miscellaneous and Questions 16:58 Does anyone have any other questions or items to discuss? 17:03 jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson: Thanks! 17:03 #endmeeting Generated by MeetBot 0.1.5 (http://wiki.ubuntu.com/meetingology)