== Meeting information == * #ubuntu-meeting Meeting, 25 Apr at 16:38 — 17:00 UTC * Full logs at [[http://ubottu.com/meetingology/logs/ubuntu-meeting/2016/ubuntu-meeting.2016-04-25-16.38.log.html]] == Meeting summary == ''LINK:'' https://wiki.ubuntu.com/SecurityTeam/Meeting === Weekly stand-up report === The discussion about "Weekly stand-up report" started at 16:38. === Highlighted packages === The discussion about "Highlighted packages" started at 16:52. * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/python-requests-kerberos.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/w3af.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/node-marked.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/percona-xtrabackup.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/libxml-security-java.html === Miscellaneous and Questions === The discussion about "Miscellaneous and Questions" started at 16:53. == Vote results == == Done items == * (none) == People present (lines said) == * tyhicks (28) * sbeattie (16) * mdeslaur (8) * sarnold (4) * doko (4) * chrisccoulson (4) * meetingology (3) * ubottu (2) == Full Log == 16:38 #startmeeting 16:38 Meeting started Mon Apr 25 16:38:42 2016 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:38 16:38 Available commands: action commands idea info link nick 16:38 The meeting agenda can be found at: 16:38 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:38 [TOPIC] Weekly stand-up report 16:38 mdeslaur: you're up 16:39 I'm on triage this week 16:39 I just released mysql updates 16:39 and will be going down the list 16:39 I may be also fixing bug 1574670 since people still seem to be using that 16:39 bug 1574670 in update-manager (Ubuntu Yakkety) "ubuntu-support-status returns inaccurate information" [Undecided,Confirmed] https://launchpad.net/bugs/1574670 16:39 and that's pretty much it, sbeattie, you're up 16:39 that'd be nice 16:40 that's broken again? argh. 16:40 I'm in the happy place this week. 16:41 I have openjdk updates to work on, openjdk-8 are built and need testing, I think tdaitx might have openjdk-7 to the point where he'll hand off to me. not sure where openjdk-6 is at 16:42 I need to poke infinity about copying the libc6 updates I have ready to the -proposed pockets, as I'd like for them to go through that process before publishing to -security 16:42 sbeattie: is that so you can get some extra testing? 16:43 tyhicks: yes, I'd like to confirm that the buildds won't break before publishing. 16:43 seems ... kinda important. 16:43 agreed :) 16:43 I need to coalesce some of the stuff I've written about pie into a wiki page for packagers. 16:44 as well as sort out some of the failures being seen, and get some of my fixes sponsored. 16:44 that will probably consume my week. 16:44 tyhicks: you're up. 16:44 I'm on community this week 16:45 sbeattie: it's been broken since after 10.04 16:45 sbeattie: at least, the source data is inaccurate 16:45 mdeslaur: well, it doesn't backtrace anymore like it did in 14.04 for a while. 16:45 right, yeah 16:45 I have 16.10 work planning to do 16:46 I'll be helping sbeattie with the PIE by default build failure uploads (mostly sponsoring but may need to help out more as he's juggling two big updates) 16:47 I have a number of code reviews to do (not MIRs) 16:48 and I need to come up to speed more on some snappy related things like interfaces 16:48 sarnold: you're up 16:48 I'm on bug triage this week 16:48 and I'd like to review john's apparmor patches that he posted last week 16:49 It might also be nice to engage in some serious yak shaving 16:49 that's it for me, chrisccoulson? 16:49 I've got Firefox and Oxide updates to get out this week 16:50 In addition to that, I need to spend some time on bug 1326697 16:50 bug 1326697 in Oxide "GN (Generate Ninja) is coming" [High,Triaged] https://launchpad.net/bugs/1326697 16:51 Other than that, I'll be working on bugs that are targetted for the 1.16 release (I need to make that list this week) 16:51 That's me done 16:52 thanks! 16:52 [TOPIC] Highlighted packages 16:52 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:52 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:52 http://people.canonical.com/~ubuntu-security/cve/pkg/python-requests-kerberos.html 16:53 http://people.canonical.com/~ubuntu-security/cve/pkg/w3af.html 16:53 http://people.canonical.com/~ubuntu-security/cve/pkg/node-marked.html 16:53 http://people.canonical.com/~ubuntu-security/cve/pkg/percona-xtrabackup.html 16:53 http://people.canonical.com/~ubuntu-security/cve/pkg/libxml-security-java.html 16:53 [TOPIC] Miscellaneous and Questions 16:53 Does anyone have any other questions or items to discuss? 16:55 pie ... are any toolchain updates needed? 16:55 we fixed ocaml and ghc, anything else? 16:55 sbeattie: do you know of anything? 16:57 sbeattie, could you give me a list of packages with static libs, which need no-change rebuilds? 16:57 doko: yeah, I can do that. 16:57 toolchain wise: bintuils, glibc will want rebuilds for sure. 16:58 ohh, didn't do glibc yet 16:58 the 'check' package is another one that trips quite a few packages. 16:59 well a few. 17:00 I think the other toolchain issue I hit was go, but that should be addressed with the patch mwhudson sent upstream and has already been incorporated. 17:00 mdeslaur, sbeattie, sarnold, ChrisCoulson, doko: Thanks! 17:00 #endmeeting Generated by MeetBot 0.1.5 (http://wiki.ubuntu.com/meetingology)