16:36 #startmeeting 16:36 Meeting started Mon Mar 31 16:36:54 2014 UTC. The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:36 16:36 Available commands: action commands idea info link nick 16:36 The meeting agenda can be found at: 16:36 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:37 [TOPIC] Weekly stand-up report 16:37 I'll go first 16:37 last week was pretty busy helping get oxide in the archive (it is), it's MIR done (it is accepted) and landed on touch/desktop (in progress (others are handling this)). 16:37 Also did a lot of testing surrounding !AppArmor signals and ptrace FFe. Testing shows it is in really good shape. 16:37 Took a hard look at golang and commented in MIR to help remove potential impasse 16:38 for this week, I plan to help jjohansen and tyhicks land !AppArmor signals and ptrace FFe 16:38 the kernel bits are all in flight and I don't expect any issues there 16:38 * mdeslaur chuckles at wiki "!AppArmor" syntax :) 16:38 heh 16:38 sorry 16:39 there is also an openjdk-6 upstream regression that is prepared and gotten extensive community testing that I will be pushing out 16:39 no, problem I was able to follow it 16:39 I still have embargoed issues I am working on 16:40 and updates as I have time 16:40 mdeslaur: you're up 16:41 I'm in the happy place this week 16:41 I am patch piloting on friday 16:41 I am currently working on curl updates 16:41 and am continuing going down the list 16:41 that's pretty much it from me 16:41 sbeattie: you're up 16:41 * sbeattie is on apparmor again this week 16:42 Pretty much focused on testing & reviewing in support of landing the ptrace/signal mediation FFe for apparmor 16:42 sbeattie: what is left with the testing beyond what jjohansen implemented? 16:43 signal tests need expansion 16:43 ptrace tests could also use a pass through to make sure a combination wasn't missed 16:43 Yeah, was just going to say I wanted to review the ptrace tests for completeness 16:44 since the kernel seems to be under control for landing, I wondered if perhaps sbeattie would have time to help tyhicks with the distro policy verification/changes 16:44 and testing on the parser language side needs to be worked on as well 16:44 but I don't know what is left with the testing improvements, so I'll just put that out there and leave it at that 16:45 FWIW, I think there is quite a bit of value in expanding the signals testing and reviewing the ptrace test 16:45 jdstrand: eh, I can probably put some time into it as well. 16:46 tyhicks: okay 16:46 anyway, that's the plan for me this week 16:46 tyhicks: you're up 16:46 again, I tossed it out there as a conversation point-- feel free to prioritize on whateve makes sense to land this in a well-tested manner 16:47 my focus will be on landing the apparmor userspace ffe 16:47 ok, well, sbeattie and tyhicks please determine amongst yourselves the best course of action 16:47 * tyhicks nods 16:47 I'll be testing our existing, shipped profiles 16:48 and making adjustments, as needed 16:48 then I'll look into adding support to aa.py for file, pivot_root, signal, and ptrace rules 16:48 and that'll be followed up with the upload 16:48 that's it for me 16:48 jjohansen: you're up 16:50 I'm working on landing the apparmor FFe this week too. Mostly working with testing and what ever is needed to support tyhicks, sbeattie, and jdstrand. 16:51 If there is time the backport patches need to be updated so that the kernel sync that is part of the FFe can be done for touch. So that post FFe the work need to update touch can begin 16:52 that is it for me sarnold your up 16:53 i'm on triage this week 16:54 I'm finishing the juju-core MIR today if it goes as expected 16:54 that leaves the glusterfs MIR this week 16:54 I suspect this week I'll also upgrade my laptop to trusty to add my own dogfooding before release 16:55 thanks to those who went before me and already filed a bunch of bugs :) 16:55 I think that's it for me, chrisccoulson? 16:56 this week, i'm finishing off https://code.launchpad.net/~chrisccoulson/oxide/window-opening, which adds support for creating new webviews with window.open() 16:57 i'm also going to fix up the remaining issues on https://code.launchpad.net/~zaspire/oxide/lp_1259219/+merge/212330 (needed for webapps), as maxim is away this week and there's still some work to do on that 16:57 and then more code reviews (i got some of those done last week) 16:57 i think that's me done 16:59 [TOPIC] Highlighted packages 16:59 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:59 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 17:00 http://people.canonical.com/~ubuntu-security/cve/pkg/ibm-3270.html 17:00 http://people.canonical.com/~ubuntu-security/cve/pkg/lxsession.html 17:00 http://people.canonical.com/~ubuntu-security/cve/pkg/davfs2.html 17:00 http://people.canonical.com/~ubuntu-security/cve/pkg/claws-mail.html 17:00 http://people.canonical.com/~ubuntu-security/cve/pkg/ruby-will-paginate.html 17:00 [TOPIC] Miscellaneous and Questions 17:00 Does anyone have any other questions or items to discuss? 17:03 mdeslaur, sbeattie, tyhicks, jjohansen, sarnold, ChrisCoulson: thanks! 17:03 #endmeeting