#ubuntu-meeting log

18:23:15 <jdstrand> #startmeeting
18:23:15 <meetingology> Meeting started Mon May 21 18:23:15 2012 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
18:23:15 <meetingology> 
18:23:15 <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired
18:23:20 <jdstrand> The meeting agenda can be found at:
18:23:21 <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
18:23:27 <jdstrand> [TOPIC] Weekly stand-up report
18:23:30 <jdstrand> I'll go first
18:23:47 <jdstrand> I am on triage this week
18:24:12 <jdstrand> mdeslaur and I will be finishing the work items review this week
18:24:31 <jdstrand> I will be publishing a libxml2 update today or tomorrow
18:24:46 <jdstrand> I have several pending updates I am working on
18:24:51 <jdstrand> and then an embargoed issue
18:25:41 <jdstrand> I'm hitting small work items here and there, and have started ufw python3 port (over the weekend, but may poke at it some this week)
18:26:05 <jdstrand> mdeslaur is off today. I know he is working on pending updates. he is in the happy place
18:26:08 <jdstrand> sbeattie: you're up
18:26:16 <sbeattie> I'm on community this week
18:26:28 <sbeattie> I've also got a few updates in progress.
18:27:13 <sbeattie> I'm also planning on apparmor work this week.
18:27:21 <sbeattie> I think that's it for me.
18:27:28 <sbeattie> micahg: you're next
18:28:31 <jdstrand> sbeattie: are those apparmor work items, the SRU or some combination?
18:29:26 <sbeattie> jdstrand: SRU + work items, yes.
18:29:31 <micahg> I've got patch piloting today, webkit update for precise this week, apparmor profile fixes for Firefox/Thunderbird (SRU for lucid-precise), will do earlier in the week so as not to block sbeattie, and chromium's build is broke ATM, so I need to dig into that as there's a pending update
18:29:34 <jdstrand> awesome, thanks :)
18:30:36 <micahg> I guess that's it for me
18:30:56 <tyhicks> I'm in the happy place this week
18:31:03 <tyhicks> It is a short week for me since I'm off Friday
18:31:38 <tyhicks> I took on a sudo update and a sudo feature backport last week, so I've still got my eCryptfs work that I planned on doing last week
18:32:30 <tyhicks> I imagine that getting caught up on eCryptfs bug fixes and the kernel merge window will soak up most of my week. I've got a few bug fixes that have patches written, I just haven't had a chance to test and push them upstream.
18:32:53 <tyhicks> If I do get through all of that early, I've got a pidgin update that is pending in the testing stage.
18:33:02 <tyhicks> (I see a reoccuring theme here :)
18:33:11 <tyhicks> That's it for me
18:33:17 <tyhicks> jjohansen: You're up
18:33:20 * jjohansen needs to work with sbeattie on releasing apparmor 2.8 this week, there are a couple of minor patches to finish up/test finish. /me also needs to finish going through work items and sticking time estimates on them. After that its back to resurrecting prototypes, dbus, cgroups, env filtering
18:34:17 <jjohansen> I think that is about it jdstrand back to you?
18:34:21 <jdstrand> jjohansen: how did the quantal kernel fixes go?
18:35:08 <jjohansen> jdstrand: oh those look good, thanks for the kick I forgot to push them on the weekend
18:35:16 * jjohansen will do that first
18:35:44 * jjohansen got side tracked bug hunting
18:35:48 <jdstrand> cool
18:35:59 * jdstrand wasn't trying to kick, just curious :)
18:36:08 <jjohansen> nah, is good
18:36:29 <jdstrand> [TOPIC] Highlighted packages
18:36:35 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/libspring-java.html
18:36:40 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/python-tornado.html
18:36:43 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/drupal6-mod-views.html
18:36:46 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/dimp1.html
18:36:50 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/pyfribidi.html
18:37:03 <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
18:37:08 <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
18:37:17 <jdstrand> did that slightly out of order...
18:37:22 <jdstrand> [TOPIC] Miscellaneous and Questions
18:37:32 <jdstrand> There are a lot of merge opportunities for packages listed in http://people.canonical.com/~ubuntu-security/d2u/. Performing these updates is a great way to help Ubuntu and bolster your developer application.
18:37:52 <jdstrand> I also had two other things
18:38:42 <jdstrand> 1. jjohansen has too many work items. once he gives time estimates mdeslaur and I will look at them and then probably discuss as a team how to proceed (eg, Roadmap 'low' ones or reassign some)
18:38:59 <jdstrand> (mdeslaur will lead that effort)
18:39:32 <jdstrand> 2. the desktop team approached me about testing mozilla releases before upstream release day
18:39:38 <jdstrand> (fyi micahg ^)
18:39:55 <jdstrand> I said that this is the plan and that we have work items in place to achieve this
18:40:07 <micahg> they do realize this is one day, right?
18:40:22 <jdstrand> micahg: no, test the images for they tag them
18:40:32 <jdstrand> like we said, we build them automatically
18:40:34 <micahg> jdstrand: huh?
18:40:37 <jdstrand> when it gets close, we test
18:40:53 <jdstrand> s/for they/before they/
18:41:00 <micahg> yes, I mean there is only 1 work day to do this still (builds are tagged on Friday), yes, it's possible
18:41:02 <jdstrand> eg, the release every 6 weeks
18:41:10 <jdstrand> at 5 weeks, we can have testable packages
18:41:15 <micahg> no, we can't
18:41:20 <jdstrand> why?
18:41:27 <micahg> they push out fixes in the final week
18:41:39 * jdstrand nods
18:41:45 <micahg> the beta PPA is for people to test
18:42:12 <jdstrand> the beta ppa is on 15 or something now, no?
18:42:16 <micahg> ideally, people are running the beta and reporting issues along the way so my final testing is basically a rubber stamp
18:42:23 <mdeslaur> test = look at 20 screenshots
18:42:26 <micahg> if I catch anything in my testing, it's too late anyways
18:43:06 <micahg> yeah, once we have the automated testing screenshots, I think I'll run that against the beta PPA weekly, that should improve things
18:43:15 <micahg> s/improve/catch things earlier/
18:43:24 <jdstrand> I would still argue that testing twice, once a week before and one day of would still be better than testing a day or two after
18:43:35 <jdstrand> even if it is not automated yet
18:43:48 <jdstrand> but anyway
18:43:55 <micahg> sure, I can QA the beta the week before
18:44:30 <jdstrand> in this particular instance, that asked if we could test early (ie, twice) to catch anything for the point release
18:44:48 <jdstrand> micahg: can you coordinate that with the desktop team-- ie the exact timing)
18:44:53 <micahg> the point release is in 3 months, we'll have 2 more releases before that
18:45:17 <jdstrand> micahg: you might also mention the beta ppa-- I mentioned it, but they ones I saw were way past '13'-- they were on 15
18:45:34 <micahg> 12.04.1 will get FIrefox 14
18:45:51 <sbeattie> jdstrand: is there ay possibility of getting QA resources to assist?
18:45:58 <jdstrand> micahg: yes, I know-- but they asked for this to happen in a couple of weeks. can you coordinate/clarify what they need?
18:46:06 * jdstrand is trying not to be the middle-man
18:46:08 <micahg> jdstrand: sure, who's the contact for that?
18:46:30 <jdstrand> seb128 asked me-- I imagine either him or chris
18:46:46 <micahg> sbeattie: I asked QA a while back to start running QRT, maybe I can get them to review the results more frequently once we have the screenshotting capability
18:47:09 <jdstrand> sbeattie: well, now that we are on rapid release, we don't have the big call for testing-- everything is just a 'regular' update
18:47:26 <micahg> jdstrand: I think he meant help with testing :)
18:47:37 <jdstrand> and all they are asking for is us to do our regular testing by some point
18:47:42 <sbeattie> jdstrand: what micahg said, not just calls for testing.
18:47:53 <jdstrand> (see last statement)
18:48:30 <jdstrand> and since that regular testing is something we should be doing anyway, I said 'ok'
18:49:21 <jdstrand> anyhoo, this is a little more complicated than it has to be. desktop team needs tests to happen be a certain date. if micahg can ascertain the date and do the testing, that would be great. everything else is executing our work items
18:52:29 <jdstrand> I think that is it
18:52:37 <jdstrand> Does anyone have any other questions or items to discuss?
18:57:23 <jdstrand> #endmeeting