16:34 <mdeslaur> #startmeeting 16:34 <meetingology> Meeting started Mon Jul 29 16:34:11 2013 UTC. The chair is mdeslaur. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:34 <meetingology> 16:34 <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired 16:34 <mdeslaur> The meeting agenda can be found at: 16:34 <mdeslaur> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:34 <mdeslaur> [TOPIC] Announcements 16:34 <mdeslaur> thanks to Felix Geyer (debfx) for his help on security updates for the community supported baz package last week. 16:34 <mdeslaur> thanks to Luke Faraone (lfaraone) for his help on security updates for the community supported openafs package last week. 16:34 <mdeslaur> Your work is very much appreciated and will keep Ubuntu users secure. Great job! :) 16:34 <mdeslaur> [TOPIC] Weekly stand-up report 16:34 <mdeslaur> jdstrand: want to try going first? 16:35 <mdeslaur> lag lag lag lag 16:35 <mdeslaur> jdstrand: time's up, you lose 16:35 <mdeslaur> So, I'm in the happy place this week 16:35 <chrisccoulson> pub? 16:35 <mdeslaur> I'll be heading out to Lost Wages for black hat 16:35 <mdeslaur> so I'll be offline most of the time 16:36 <mdeslaur> and today I'm preparing my travel laptop 16:36 <mdeslaur> that's it from me 16:36 <mdeslaur> sbeattie: you're up 16:36 <jdstrand> I can go now 16:36 <sbeattie> jdstrand: go ahead 16:36 <jdstrand> I'm on triage 16:36 <jdstrand> I have a couple of pending updates that I will be getting to 16:37 <jdstrand> I patch piloted last week, but now up for it again 16:37 <jdstrand> people are sprinting in IoM, so I will be doing things surrounding that (ie, attending remotely) 16:37 <jdstrand> I have several audits to get to 16:37 <jdstrand> and also monthly planning 16:38 <jdstrand> mdeslaur, sbeattie: if you guys can email what you have for an initial set of perms, I'll try to play with those this week too 16:38 <jdstrand> .. 16:38 <sbeattie> jdstrand: will do 16:38 <sbeattie> I'm in some combination of the happy place and apparmor this week 16:38 <sbeattie> I'll also be at black hat with mdeslaur 16:39 <sbeattie> and then next week I'm on holiday 16:39 <sbeattie> I need to do some travel prep today as well as a couple of apparmor ubuntu-sdk things (the perms things jdstrand mentioned place a couple more fixes to the click-apparmor hook) 16:40 <sbeattie> and that's it for me. tyhicks? 16:41 <jdstrand> sbeattie: ping me for uploading click-apparmor to saucy-- though I will probably wait til after the demo to do it 16:41 <sbeattie> jdstrand: yeah, that's fine. 16:41 <tyhicks> I'm going through the dbus and apparmor patches, cleaning them up if necessary, sending them upstream and then making sure that they are in good shape for uploading to saucy 16:41 <jdstrand> (unless the fixes are really important for the demo) 16:42 <tyhicks> I'm through all of the tough patches, so I plan on having everything on the list and updated dbus and apparmor packages landed in saucy this week 16:42 <mdeslaur> nice! 16:42 <tyhicks> I'm still trying to get to my content-hub work items. I think that'll happen towards the end of the week. 16:42 <tyhicks> I think that's it for me 16:42 <tyhicks> jjohansen: you're up 16:43 <jjohansen> I've got a saucy-unstable (3.11-rc3) kernel apparmor sync to test, and issue a pull request for 16:43 <jjohansen> the apparmor fs pull-request for 3.12 to send upstream (this is the new interface with rcu and all the fs changes going upstream, and gets us sync up to the in dev labeling patches) 16:43 <jjohansen> I'll take a look at the latest apparmor dbus patches so we can get them merged, and merge those against my own patchset so I can get a second revision of those out 16:43 <jjohansen> then I'll get to my regular apparmor work items for the week 16:46 <jjohansen> that is it for me sarnold your up 16:46 <sarnold> I'm on community this week; up first is patch review of tyhicks's latest bundle, then onto MIR audits, and I'm again hopeful for getting perhaps two or three done this week, always the optimist in the face of facts.. :) 16:47 <sarnold> oh yes, and once again, if sbeattie and I get some free time at the same time, apparmor 2.8.2, but again, since nothing is blocking on that, it .. might fall through the cracks again. 16:47 <mdeslaur> hehe 16:47 <sarnold> chrisccoulson: your turn 16:47 <chrisccoulson> yo 16:48 <chrisccoulson> so, last week we had a discussion with stakeholders about oxide 16:48 <chrisccoulson> i managed to get it working too :) 16:48 <mdeslaur> \o/ 16:48 <sarnold> woo :) 16:48 <chrisccoulson> (not sure if everyone saw the video) 16:48 <chrisccoulson> had an interesting discussion about requirements for online-accounts as well 16:49 <chrisccoulson> this week, i shall be mostly working on the same (and getting firefox beta up-to-date, which i've let slip a little bit the last couple of weeks) 16:50 <chrisccoulson> (firefox 23 release is next week) 16:50 <chrisccoulson> that's me done 16:50 <mdeslaur> cool 16:50 <mdeslaur> [TOPIC] Highlighted packages 16:50 <mdeslaur> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:50 <mdeslaur> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:50 <mdeslaur> http://people.canonical.com/~ubuntu-security/cve/pkg/feh.html 16:50 <mdeslaur> http://people.canonical.com/~ubuntu-security/cve/pkg/pyrad.html 16:50 <mdeslaur> http://people.canonical.com/~ubuntu-security/cve/pkg/phppgadmin.html 16:50 <mdeslaur> http://people.canonical.com/~ubuntu-security/cve/pkg/php-openid.html 16:50 <mdeslaur> http://people.canonical.com/~ubuntu-security/cve/pkg/mednafen.html 16:50 <mdeslaur> [TOPIC] Miscellaneous and Questions 16:50 <mdeslaur> Does anyone have any other questions or items to discuss? 16:51 <mdeslaur> zzzz 16:51 <mdeslaur> Thanks everyone! 16:51 <mdeslaur> #endmeeting