18:01:41 <mdeslaur> #startmeeting 18:01:41 <meetingology> Meeting started Mon Dec 10 18:01:41 2012 UTC. The chair is mdeslaur. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 18:01:41 <meetingology> 18:01:41 <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired 18:01:50 <mdeslaur> The meeting agenda can be found at: 18:01:50 <mdeslaur> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 18:02:07 <mdeslaur> [TOPIC] Announcements 18:02:18 <mdeslaur> thanks to Christian Kuersteiner (ckuerste) for providing debdiffs for oneiric, precise and quantal for pgbouncer! 18:02:18 <mdeslaur> thanks to Stefan Bader (smb) for providing updates for oneiric, precise and quantal for xen! 18:02:18 <mdeslaur> Your work is very much appreciated and will keep Ubuntu users secure. Great job! :) 18:02:25 <mdeslaur> [TOPIC] Weekly stand-up report 18:02:30 <mdeslaur> I'll go first 18:02:37 <mdeslaur> I'm on community this week 18:02:44 <mdeslaur> I just finished publishing gimp and mysql 18:02:52 <mdeslaur> and will pick up some more on the list 18:03:05 <mdeslaur> I'm currently triaging the zillion xen CVEs, to clean that up 18:03:10 <mdeslaur> that's about it from me 18:03:11 <mdeslaur> sbeattie: you'reup 18:03:24 <sbeattie> I'm once again working on apparmor display manager stuff 18:03:41 <mdeslaur> sbeattie: making any progress there? 18:03:45 <mdeslaur> are you blocked on anything? 18:03:52 <sbeattie> I'm also finishing up a qrt apparmor issue that the kernel/qa team raised with me. 18:04:03 <sbeattie> mdeslaur: making progress, just slowly 18:04:31 <sbeattie> trying to figure out what infrastructure is needed in the prototype. 18:04:35 <jjohansen> that qrt issue was a nice little race thanks for finding it 18:04:54 <sbeattie> heh sure 18:05:22 <sbeattie> I'll also be off one day this week, on wednesday 18:05:33 <sbeattie> I think that's it for me. 18:05:42 <sbeattie> micahg: you're up 18:05:52 <micahg> I've got webkit updates and chromium still 18:06:26 <mdeslaur> micahg: didn't you have chromium last week? was there something wrong with them? 18:06:54 <micahg> mdeslaur: yeah, I had to kick back the merge proposal as everything wasn't documented well enough in the changelog 18:07:01 <mdeslaur> ok, cool 18:07:24 <micahg> any other questions? 18:08:09 * micahg is done then 18:08:31 <tyhicks> I'll begin working on the AppArmor policy interface work items this week 18:08:52 <tyhicks> I'm currently testing some kernel, apparmor, and dbus changes that jj made over the weekend 18:09:35 <tyhicks> If I get bogged down with the policy interface work, I will should probably merge in the audit package from experimental 18:09:39 <tyhicks> that's it for me 18:09:42 <tyhicks> jjohansen: you're up 18:09:56 <tyhicks> s/will should/should/ 18:10:29 <jjohansen> so, I still need to finish kicking out the apparmor alpha1, I think I am going to drop dbus from it so I don't have to finish the C++ conversion on it 18:10:50 <jjohansen> that will make it just a matter of rolling the current trees into a tarball 18:11:31 <jjohansen> after that its going to be back to getting the base labeling patch out and then the stacking patches on top of it 18:11:59 <mdeslaur> jjohansen: any idea on a timeframe for those? 18:13:11 <jjohansen> mdeslaur: yeah base labeling in the next couple of days, its not quite there but soon, and the stacking needs some rework for the changes made to the labeling patch, but both labeling and stacking will go into alpha2 next week 18:13:29 <mdeslaur> jjohansen: oh, nice :) 18:13:35 <mdeslaur> ok, who's next? 18:13:42 <mdeslaur> hrm, seems that's it 18:13:52 <jjohansen> back to you mdeslaur 18:13:53 <mdeslaur> bunch of vacation taking slackers :) 18:14:00 <mdeslaur> [TOPIC] Highlighted packages 18:14:07 <mdeslaur> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 18:14:07 <mdeslaur> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 18:14:07 <mdeslaur> http://people.canonical.com/~ubuntu-security/cve/pkg/rocksndiamonds.html 18:14:08 <mdeslaur> http://people.canonical.com/~ubuntu-security/cve/pkg/osc.html 18:14:10 <mdeslaur> http://people.canonical.com/~ubuntu-security/cve/pkg/jenkins.html 18:14:12 <mdeslaur> http://people.canonical.com/~ubuntu-security/cve/pkg/gnugk.html 18:14:14 <mdeslaur> http://people.canonical.com/~ubuntu-security/cve/pkg/oftc-hybrid.html 18:14:16 <mdeslaur> [TOPIC] Miscellaneous and Questions 18:14:18 <mdeslaur> Does anyone have any other questions or items to discuss? 18:15:11 <mdeslaur> ok, thanks everyone 18:15:17 <mdeslaur> #endmeeting