16:32:37 <jdstrand> #startmeeting
16:32:37 <meetingology> Meeting started Mon Mar 25 16:32:37 2013 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:32:37 <meetingology> 
16:32:37 <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired
16:32:42 <mdeslaur> \o
16:32:43 <jdstrand> The meeting agenda can be found at:
16:32:43 <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:32:49 <jdstrand> [TOPIC] Announcements
16:33:19 <jdstrand> in order to better accomodate all the members of the security team, we've changed our meeting time to 16:30 UTC
16:33:30 <jdstrand> Thanks to Scott Kitterman (ScottK) who provided a debdiff for hardy for clamav (LP: #1157385). Your work is very much appreciated and will keep Ubuntu users secure. Great job!
16:33:32 <ubottu> Launchpad bug 1157385 in clamav (Ubuntu Hardy) "0.97.7 security update" [Undecided,Fix released] https://launchpad.net/bugs/1157385
16:33:44 <ScottK> Thanks.
16:33:52 <jdstrand> :)
16:34:22 <jdstrand> mdeslaur, sbeattie, tyhicks, jjohansen, sarnold, chrisccoulson: please book travel for the sprint if you haven't already
16:34:30 <jdstrand> [TOPIC] Actions
16:34:49 <jdstrand> I had the action for changing the meeting time. that is obviously done :)
16:34:58 <jdstrand> [TOPIC] Weekly stand-up report
16:35:02 <jdstrand> I'll go first
16:35:13 <jdstrand> I have a short week this week, with friday off
16:35:29 <jdstrand> I'm on community this week
16:35:43 <jdstrand> I've got various performance reviews stuff I'll be working on
16:36:12 <jdstrand> as well as monthly planning for March (follow-ups) and April
16:36:57 <jdstrand> I think the monthly planning went pretty well this month (the planning itself, not the work items (which are doing quite well :), which we can discuss in a bit)
16:37:24 <jdstrand> I have 2 audits I need to do surrounding the SDK and gwibber
16:37:42 <jdstrand> and I'd like to carve out some time for looking at scopes privacy
16:38:40 <jdstrand> in terms of March work items status:
16:39:27 <jdstrand> I worked on getting the Ubuntu SDK/Unity dbus abstractions together last week, and have created patches against our apparmor in the dbus ppa that I'll either upload or coordinate with tyhicks
16:39:51 <jdstrand> so my part should be done today
16:40:43 <jdstrand> I am also updating the apparmor.d man page for dbus
16:40:56 <jdstrand> that should be done shortly
16:40:59 <tyhicks> nice! :)
16:41:04 <jdstrand> mdeslaur: you're next
16:41:19 <mdeslaur> I've just pushed out the openssl regression fix
16:41:23 <mdeslaur> and gnome-online-accounts
16:41:36 <mdeslaur> I'm currently finishing ruby testing, they should go out this afternoon
16:41:47 <mdeslaur> I'm in the happy place this week
16:41:53 <mdeslaur> and will pick up another update
16:41:59 <mdeslaur> I hope to have time to try out the sdk too
16:42:08 <mdeslaur> that's about it from me
16:42:11 <mdeslaur> sbeattie: you're up
16:42:36 <sbeattie> I'm focused on apparmor display manager confinement again this week.
16:43:09 <sbeattie> I'm still working on some issues with the logging prototype that I've been working on
16:43:42 <sbeattie> I'm also digging into the mir codebase this week
16:43:53 <mdeslaur> cool
16:44:02 <sbeattie> and that's pretty much it for me.
16:44:09 <sbeattie> tyhicks: you're up
16:44:28 <tyhicks> I'm primarily working on apparmor dbus mediation this week
16:44:39 <jdstrand> sbeattie: in terms of work items, that leaves the API. will those be postponed to april?
16:44:40 <tyhicks> I'm still bug squashing from late last week
16:44:44 * tyhicks pauses
16:45:01 <sbeattie> jdstrand: yeah, likely.
16:45:06 <jdstrand> ok
16:45:11 <jdstrand> tyhicks: sorry
16:45:13 <tyhicks> np
16:45:13 <jdstrand> go ahead
16:45:52 <tyhicks> I've fixed the dbus-daemon segfault that we were seeing and I'm trying to understand some oddness around the dbus acquire permission checks
16:46:14 <tyhicks> I found one bug in the query code and fixed it
16:46:27 <tyhicks> there's still another bug either in the parser or the query code... looking into that more right now
16:46:33 <tyhicks> then I'll upload those 3 fixes today
16:46:44 <tyhicks> then I'll switch to my last remaining march work item:
16:46:52 <tyhicks> [tyhicks] dbus daemon, use aa_getpeercon - initial (high) (1): INPROGRESS
16:47:19 <tyhicks> I've already been thinking how I want to do that and don't think it'll take much work to complete
16:47:37 <jdstrand> o/ (I have a question when you are done with status)
16:47:51 <tyhicks> (the sizing feels accurate to me, so I don't forsee that work item to be postponed)
16:48:31 <tyhicks> Outside of that stuff, I need to do some work on eCryptfs performance improvements. That'll probably fall in after-hours time, though.
16:48:34 <tyhicks> That's it for me
16:48:40 <tyhicks> jdstrand: what's your question?
16:49:21 <jdstrand> I think you covered your work items status, but unrelated to that, did you also see the issues I was having with the output of apparmor_parser -p with dbus rules?
16:50:08 <tyhicks> jdstrand: Yeah, I took a quick look at that and I still don't have a good answer
16:50:12 <jdstrand> ok
16:50:15 * jdstrand is done
16:50:33 <tyhicks> jdstrand: I'm not really familiar with the parser code, so it'll take a bit of time for me to get to the bottom of that
16:51:05 <tyhicks> jdstrand: Can I look at that after the getpeercon work item or is it blocking your work item from completion?
16:51:17 <jdstrand> it may be something jjohansen can point you at (or maybe it is an easy fix). it isn't super important atm, but something we don't want to release with
16:51:25 * tyhicks nods
16:51:25 <jdstrand> it isn't blocking me at all
16:51:40 <jdstrand> it is just a bug that I wanted on someone's todo list
16:51:54 <tyhicks> jdstrand: I've added an entry in my todo tracker
16:51:58 <jdstrand> thanks
16:52:02 <tyhicks> np, thanks for pointing it out :)
16:52:05 <tyhicks> jjohansen: you're up
16:52:21 <jjohansen> jdstrand: is there a bug open on that?
16:53:02 <jjohansen> we don't need one, just want make sure if there is we update it
16:53:05 <jdstrand> jjohansen: no, which was a question I had. how do we want to handle bugs against the ppa? perhaps we could discuss in #apparmor after the meeting (but here is fine if it is an easy answer)
16:53:33 * tyhicks doesn't have an easy answer atm
16:53:49 <mdeslaur> jdstrand: just write in the bug description that it's the ppa version?
16:53:52 <jdstrand> let's discuss in #apparmor then
16:53:56 <jjohansen> jdstrand: generally I don't care. If you poke one of us, I think that is enough atm
16:54:02 <jjohansen> I have a short week this week (off thurs, and friday)
16:54:02 <jjohansen> I will be working on next months monthly planning and finishing up my apparmor wi (labeling, and stacking), and coordinating with tyhicks on integrating the dbus changes into the apparmor-dev ppa
16:55:06 <jdstrand> jjohansen: based on that, it sounds like the march work items are on track. is that accurate?
16:55:21 <jdstrand> wait, there was one you said might slip
16:55:39 <mdeslaur> oh? which one?
16:55:50 <jjohansen> jdstrand: hrmm, I am behind
16:55:50 <jjohansen> stacking, extend policy language - parser (essential) (4): will be postponed for sure
16:56:00 <jdstrand> yes, that was the one
16:56:15 <jdstrand> jjohansen: no worries, I know you've been very busy with kernel security updates
16:56:30 <jdstrand> I've already communicated that has slowed us down
16:56:44 <jjohansen> I think we should be able to get the other ones out, but maybe I am being optimistic
16:57:08 <jdstrand> well, it's ok if things overlap between months
16:57:14 <jdstrand> we don't have to be rigid, just aware
16:58:00 <jjohansen> right
16:58:39 <jjohansen> I think that is it from me, sarnold your up
16:59:08 <sarnold> I'm working on some workitems this week, juju charm authoring and testing
16:59:36 <sarnold> turns out that local lxc deployments aren't working well in raring; hooray for uvt making vm testing so easy (thanks marc :)
16:59:51 <sarnold> (I think the problem is the usual python-has-broken-everything-again)
17:00:23 <sarnold> once I've made some progress there, I'll be doing the LXC MIR audit, unless something higher-priority pops up
17:00:40 <sarnold> oh yes, I'm also on triage this week.
17:00:50 <robru> is this the settings meeting?
17:00:55 <sarnold> robru: security team
17:01:01 <sarnold> chrisccoulson: your turn :)
17:01:04 <jdstrand> robru: we're almost done
17:01:10 <robru> no worries
17:01:12 <chrisccoulson> yoyo
17:01:15 <seb128> we are moving to  #ubuntu-touch for the settings meeting
17:01:21 <robru> seb128, thanks
17:01:46 * jdstrand didn't see a planned meeting in the calendar at this time, fwiw
17:01:58 <chrisccoulson> so, last week I started looking at automated testing for chromium. i've got some tests running, and i plan to start writing the glue to hook this in to jenkins this week
17:02:10 <chrisccoulson> i've also got a build of the latest version of chromium working on armhf
17:02:16 <jdstrand> \o/
17:02:20 <mdeslaur> \o/
17:02:35 <mdeslaur> wait...new version breaking arm again in...5....
17:02:36 <mdeslaur> 4....
17:02:37 <mdeslaur> 3...
17:03:07 <chrisccoulson> i went through the checklist of things i need to do as a new starter last week too. i've deferred a few things until i get my new laptop though (such as setting up test environments)
17:03:26 <chrisccoulson> that's arriving in 2 days :)
17:03:31 <sarnold> \o/
17:03:43 <chrisccoulson> there's also a firefox release next week (which means preparing builds at the end of this week)
17:03:51 <chrisccoulson> and i have a short week too
17:04:02 <mdeslaur> chrisccoulson: oh, what version of ff?
17:04:09 <chrisccoulson> mdeslaur, 20
17:04:17 <jdstrand> chrisccoulson: I'll show you the UCT/USN ropes then
17:04:21 <mdeslaur> they grow up so fast
17:04:24 <chrisccoulson> jdstrand, excellent, thanks
17:04:54 <chrisccoulson> i think that's me done
17:05:05 <jdstrand> [TOPIC] Highlighted packages
17:05:08 <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
17:05:12 <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
17:05:17 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/strongswan.html
17:05:19 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/proftpd-dfsg.html
17:05:22 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/libjboss-cache1-java.html
17:05:25 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/libphp-adodb.html
17:05:28 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/jenkins-winstone.html
17:05:36 <jdstrand> [TOPIC] Miscellaneous and Questions
17:05:42 <jdstrand> Does anyone have any other questions or items to discuss?
17:06:03 <mdeslaur> is everyone off on monday?
17:06:08 <jdstrand> no
17:06:17 <jdstrand> US is not
17:06:26 <jdstrand> chrisccoulson: are you?
17:06:37 <chrisccoulson> jdstrand, yeah, i think we get friday and monday
17:06:41 <chrisccoulson> i should check though :)
17:06:47 <mdeslaur> ok, I'm off on monday, FYI
17:06:50 <jdstrand> chrisccoulson: yes :)
17:07:49 <jdstrand> mdeslaur, sbeattie, tyhicks, jjohansen, sarnold, chrisccoulson: thanks!
17:07:51 <jdstrand> #endmeeting