17:07:24 #startmeeting 17:07:24 Meeting started Mon Sep 19 17:07:24 2011 UTC. The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/AlanBell/mootbot. 17:07:24 17:07:24 Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired 17:07:29 The meeting agenda can be found at: 17:07:30 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 17:08:13 [TOPIC] Announcements 17:08:21 * bliss burns a candle for kees 17:08:30 Thanks to zooko and jtaylor for their help on security updates for the community supported taylor-lafs last week. Great job! :) 17:08:42 bliss: hehe 17:08:57 err, that isn't the right package name 17:09:12 tahoe-lafs 17:09:31 and yes, kees departure 17:09:36 As kees mentioned via his blog last week, he has left Canonical to pursue other opportunities. We wish him well and look forward to continuing to work with him on Ubuntu in the community. 17:09:45 I'm happy to say that the talents of the Ubuntu Security team run deep and we are in good shape. Moving forward, people should direct questions regarding userspace/toolchain hardening to sbeattie. 17:09:53 We are in the process of finalizing the details for the kernel security position, so in the meantime questions on kernel publication should be directed to mdeslaur and kernel hardening can be asked of the team in #ubuntu-hardened. 17:10:17 [TOPIC] Weekly stand-up report 17:10:23 I'll go first 17:10:55 I'm on triage this week. Part of my work on that will include training tyhicks` on UCT 17:11:09 I've got a small pile of MIRs I need to tend to 17:11:45 a few work items are left, which I hope to try to work on 17:12:03 and I have some apparmor policy updates I am working on 17:12:07 mdeslaur: you're next 17:12:29 I plan on publishing ffmpeg/libav updates today 17:12:37 and will go down the list to pick something else 17:12:49 I think there's iso testing also this week that I'll do 17:13:06 and, I'm doing the kernel workflow also 17:13:09 that's it from me 17:13:15 sbeattie: tag, you're it 17:13:27 I'm on community this week 17:14:34 I'm poking at php5 in part prompted by a community member contributing a fix for an open issues there. 17:15:14 Also, I'm still poking at apache as well, both for the security issue fixied in 2.2.21 and some of the byterange regressions fixed as well. 17:15:53 I'll also be doing some testing for beta 2 (I have a couple of systems to upgrade to O) and hopefully some iso testing as well. 17:16:11 I think that covers it for me. 17:16:20 micahg: ping 17:16:46 update chromium and prepare mozilla updates for next week's release train 17:17:02 that's it 17:17:43 tyhicks`: ping 17:17:54 I'm still working on the mutt update. I hit some snags in my setup last week and didn't make it as far as I had predicted. 17:18:07 I'm confident that I can finish that up this week and I'll also be working with jdstrand on UCT to understand the triaging role. 17:18:19 jdstrand: That is it for me. 17:18:30 cool 17:18:40 [TOPIC] Highlighted packages 17:18:52 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. The highlighted packages for this week are: 17:18:58 http://people.canonical.com/~ubuntu-security/cve/pkg/teamspeak-server.html 17:19:01 http://people.canonical.com/~ubuntu-security/cve/pkg/condor.html 17:19:03 http://people.canonical.com/~ubuntu-security/cve/pkg/zonecheck.html 17:19:06 http://people.canonical.com/~ubuntu-security/cve/pkg/monotone.html 17:19:08 http://people.canonical.com/~ubuntu-security/cve/pkg/midori.html 17:19:10 [TOPIC] Miscellaneous and Questions 17:19:15 Does anyone have any other questions or items to discuss? 17:21:53 people can ignore midori on that list 17:22:49 well, another great thing people could work on is going back through and confirming that older open CVEs have or have not been fixed in newer releases. 17:23:33 yes, that is always helpful 17:24:32 [ACTION] jdstrand to update highlighted packages to also mention UCT in general 17:24:32 * meetingology jdstrand to update highlighted packages to also mention UCT in general 17:25:45 ok, thanks guys! 17:25:48 #endmeeting