#ubuntu-meeting log

18:04:03 <mdeslaur> #startmeeting
18:04:03 <meetingology> Meeting started Mon Nov  5 18:04:03 2012 UTC.  The chair is mdeslaur. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
18:04:03 <meetingology> 
18:04:03 <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired
18:04:09 <mdeslaur> The meeting agenda can be found at:
18:04:09 <mdeslaur> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
18:04:15 <mdeslaur> [TOPIC] Announcements
18:04:56 <mdeslaur> Natty is now EoL. jdstrand did the process for retiring it, so if you have not done it already, please do the checklist for removing natty from your security tools configuration.
18:05:17 <mdeslaur> [TOPIC] Weekly stand-up report
18:05:22 <mdeslaur> I'll go first I guess
18:05:28 <mdeslaur> This week, I'm in the happy place
18:05:35 <mdeslaur> I just released mysql, munin and mesa
18:05:45 <mdeslaur> and I have some other things to start working on
18:05:52 <mdeslaur> and I'll be gong down the list
18:05:57 <mdeslaur> that's pretty much it from me
18:06:00 <mdeslaur> sbeattie: you're up
18:06:22 <sbeattie> I'm trying to recover from UDS
18:06:34 <mdeslaur> sbeattie: did you get the Ubuflu?
18:06:47 <sbeattie> mdeslaur: no, but my inbox did
18:06:52 <mdeslaur> oh, haha
18:06:59 <mdeslaur> canonimailplague
18:07:03 <sbeattie> (I pre-fetched UbuFlu for myself)
18:07:42 <sbeattie> I'll be looking at the display manager notes and stuff that jjohansen handed off to me.
18:07:52 <sbeattie> which is pretty much it for me
18:08:03 <mdeslaur> I've been popping vitamin C like candy as a placebo preventative measure
18:08:23 <sbeattie> heh, yeah, me too
18:08:24 * jjohansen wishes he had some of that placebo
18:08:40 <sarnold> mm, something to do at lunch time..
18:08:50 <sbeattie> I don't think micahg is here, so tyhicks, I think you're up.
18:09:15 <tyhicks> Sorry, too busy laughing at your weak immune systems
18:09:18 <tyhicks> ;)
18:09:25 <mdeslaur> lol
18:09:44 <tyhicks> arges asked me to SRU the fix for bug 1052038
18:09:45 <ubottu> Launchpad bug 1052038 in ecryptfs-utils (Ubuntu Precise) "ecryptfs_fnek_sig missing when login at the same time on cron session close" [Medium,In progress] https://launchpad.net/bugs/1052038
18:10:05 <tyhicks> The fix already exists and a test case already exists, so it shouldn't be bad
18:10:05 * jjohansen coughs in tyhicks direction
18:10:45 <tyhicks> I want to wrap up things (from my end, at least) for the audit MIR this week
18:10:55 <mdeslaur> \o/
18:10:59 <tyhicks> sgrubb merged my patch upstream this morning
18:11:07 <mdeslaur> oh, nice
18:11:12 <sarnold> nice
18:11:16 <tyhicks> I've got a little inbox backlog to take care of
18:11:26 <tyhicks> and then I'm back on the apparmor dbus work
18:11:28 <tyhicks> that's it for me
18:11:31 <tyhicks> jjohansen: you're up
18:12:06 <jjohansen> I am going to get the dbus kernel up and then I'm am diving back into the stacking work this week
18:12:23 <tyhicks> thanks jjohansen
18:12:27 <mdeslaur> jjohansen: is that like the big jenga game at UDS?
18:12:42 <jjohansen> mdeslaur: nah, much less stable
18:12:49 <mdeslaur> hehe
18:12:50 <tyhicks> oof
18:12:53 <jjohansen> :)
18:13:06 <jjohansen> I think that is it for /me sarnold your up
18:13:12 <sarnold> good think you're a talented swordsman...
18:13:21 <sarnold> I'm on triage this week.
18:13:50 <jjohansen> sarnold: sadly only when my opponent is two feet tall
18:13:53 <sarnold> I'm pretty sure I've got the udsflu, you guys never mentioned that uds lasts another week...
18:14:02 <mdeslaur> sarnold: oh, let me know when you do bug triage if you want me to ride along
18:14:10 <sarnold> mdeslaur: thanks
18:15:06 <sarnold> before uds flights, I made sure qt4-x11 update worked well enough in natty, but didn't get around to the other distros in time to get the qt4-x11 update out the door for natty's goodbye party
18:15:36 <jjohansen> sarnold: ha yes, uds does seem to have a way of chewing up 2 weeks of your time
18:15:38 <sarnold> but it does help provide overall credibility to the reliability of the patch,  and the time spent with qrt feels well-spent.
18:16:11 <sarnold> I thikn that's it, but maybe that's just the sinuses thinking...
18:16:13 <mdeslaur> sarnold: ok, you can remove the natty update from the secppa before publishing
18:16:16 <sarnold> mdeslaur: back to you?
18:16:27 <mdeslaur> sarnold: so you'll be testing the other releases this week, and hopefully publish it?
18:16:34 <sarnold> mdeslaur: can I ask for your hlep for that later today?
18:16:37 <sarnold> mdeslaur: yes.
18:16:43 <mdeslaur> sarnold: certainly
18:16:49 <sarnold> thanks
18:17:09 <mdeslaur> [TOPIC] Highlighted packages
18:17:14 <mdeslaur> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
18:17:14 <mdeslaur> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
18:17:21 <mdeslaur> http://people.canonical.com/~ubuntu-security/cve/pkg/sun-javadb.html
18:17:21 <mdeslaur> http://people.canonical.com/~ubuntu-security/cve/pkg/msmtp.html
18:17:21 <mdeslaur> http://people.canonical.com/~ubuntu-security/cve/pkg/libparallel-forkmanager-perl.html
18:17:21 <mdeslaur> http://people.canonical.com/~ubuntu-security/cve/pkg/libsdp.html
18:17:21 <mdeslaur> http://people.canonical.com/~ubuntu-security/cve/pkg/geshi.html
18:17:46 <mdeslaur> [TOPIC] Miscellaneous and Questions
18:17:51 <mdeslaur> Does anyone have any other questions or items to discuss?
18:18:09 <sarnold> one thing, probably long-term discussion point..
18:18:32 <sarnold> we get our entropy from keyboard timing and hard drive timing data; but ssds are on the rise. are they still a reasonable source of entropy data?
18:19:12 <mdeslaur> hrm, interesting question
18:19:44 <mdeslaur> probably should be asked upstream
18:19:47 <sarnold> one hopes ssds are going into systems with good cpu-provided rngs but that may only be true on server-scale machinery.
18:20:50 <mdeslaur> yeah, it's a good question
18:21:49 <tyhicks> sarnold: FYI, Ted Ts'o made some changes to the kernel's entropy gathering code over the last month or two. I don't recall what all the changes were atm.
18:22:21 <sarnold> tyhicks: ah :) thanks
18:23:19 <mdeslaur> ok, thanks everyone!
18:23:21 <mdeslaur> #endmeeting