16:38 <tyhicks> #startmeeting
16:38 <meetingology> Meeting started Mon Apr 25 16:38:42 2016 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:38 <meetingology> 
16:38 <meetingology> Available commands: action commands idea info link nick
16:38 <tyhicks> The meeting agenda can be found at:
16:38 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:38 <tyhicks> [TOPIC] Weekly stand-up report
16:38 <tyhicks> mdeslaur: you're up
16:39 <mdeslaur> I'm on triage this week
16:39 <mdeslaur> I just released mysql updates
16:39 <mdeslaur> and will be going down the list
16:39 <mdeslaur> I may be also fixing bug 1574670 since people still seem to be using that
16:39 <ubottu> bug 1574670 in update-manager (Ubuntu Yakkety) "ubuntu-support-status returns inaccurate information" [Undecided,Confirmed] https://launchpad.net/bugs/1574670
16:39 <mdeslaur> and that's pretty much it, sbeattie, you're up
16:39 <tyhicks> that'd be nice
16:40 <sbeattie> that's broken again? argh.
16:40 <sbeattie> I'm in the happy place this week.
16:41 <sbeattie> I have openjdk updates to work on, openjdk-8 are built and need testing, I think tdaitx might have openjdk-7 to the point where he'll hand off to me. not sure where openjdk-6 is at
16:42 <sbeattie> I need to poke infinity about copying the libc6 updates I have ready to the -proposed pockets, as I'd like for them to go through that process before publishing to -security
16:42 <tyhicks> sbeattie: is that so you can get some extra testing?
16:43 <sbeattie> tyhicks: yes, I'd like to confirm that the buildds won't break before publishing.
16:43 <sbeattie> seems ... kinda important.
16:43 <tyhicks> agreed :)
16:43 <sbeattie> I need to coalesce some of the stuff I've written about pie into a wiki page for packagers.
16:44 <sbeattie> as well as sort out some of the failures being seen, and get some of my fixes sponsored.
16:44 <sbeattie> that will probably consume my week.
16:44 <sbeattie> tyhicks: you're up.
16:44 <tyhicks> I'm on community this week
16:45 <mdeslaur> sbeattie: it's been broken since after 10.04
16:45 <mdeslaur> sbeattie: at least, the source data is inaccurate
16:45 <sbeattie> mdeslaur: well, it doesn't backtrace anymore like it did in 14.04 for a while.
16:45 <mdeslaur> right, yeah
16:45 <tyhicks> I have 16.10 work planning to do
16:46 <tyhicks> I'll be helping sbeattie with the PIE by default build failure uploads (mostly sponsoring but may need to help out more as he's juggling two big updates)
16:47 <tyhicks> I have a number of code reviews to do (not MIRs)
16:48 <tyhicks> and I need to come up to speed more on some snappy related things like interfaces
16:48 <tyhicks> sarnold: you're up
16:48 <sarnold> I'm on bug triage this week
16:48 <sarnold> and I'd like to review john's apparmor patches that he posted last week
16:49 <sarnold> It might also be nice to engage in some serious yak shaving
16:49 <sarnold> that's it for me, chrisccoulson?
16:49 <chrisccoulson> I've got Firefox and Oxide updates to get out this week
16:50 <chrisccoulson> In addition to that, I need to spend some time on bug 1326697
16:50 <ubottu> bug 1326697 in Oxide "GN (Generate Ninja) is coming" [High,Triaged] https://launchpad.net/bugs/1326697
16:51 <chrisccoulson> Other than that, I'll be working on bugs that are targetted for the 1.16 release (I need to make that list this week)
16:51 <chrisccoulson> That's me done
16:52 <tyhicks> thanks!
16:52 <tyhicks> [TOPIC] Highlighted packages
16:52 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
16:52 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:52 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/python-requests-kerberos.html
16:53 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/w3af.html
16:53 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/node-marked.html
16:53 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/percona-xtrabackup.html
16:53 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/libxml-security-java.html
16:53 <tyhicks> [TOPIC] Miscellaneous and Questions
16:53 <tyhicks> Does anyone have any other questions or items to discuss?
16:55 <doko> pie ... are any toolchain updates needed?
16:55 <doko> we fixed ocaml and ghc, anything else?
16:55 <tyhicks> sbeattie: do you know of anything?
16:57 <doko> sbeattie, could you give me a list of packages with static libs, which need no-change rebuilds?
16:57 <sbeattie> doko: yeah, I can do that.
16:57 <sbeattie> toolchain wise: bintuils, glibc will want rebuilds for sure.
16:58 <doko> ohh, didn't do glibc yet
16:58 <sbeattie> the 'check' package is another one that trips quite a few packages.
16:59 <sbeattie> well a few.
17:00 <sbeattie> I think the other toolchain issue I hit was go, but that should be addressed with the patch mwhudson sent upstream and has already been incorporated.
17:00 <tyhicks> mdeslaur, sbeattie, sarnold, ChrisCoulson, doko: Thanks!
17:00 <tyhicks> #endmeeting