16:34 <jdstrand> #startmeeting
16:34 <meetingology> Meeting started Mon May  5 16:34:57 2014 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:34 <meetingology> 
16:34 <meetingology> Available commands: action commands idea info link nick
16:34 <jdstrand> The meeting agenda can be found at:
16:35 <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:35 <jdstrand> [TOPIC] Weekly stand-up report
16:35 <jdstrand> I'll go first
16:35 <jdstrand> I got the openjdk updates out last week
16:35 <jdstrand> I'm on triage this week
16:37 <jdstrand> I went through the blueprints last week and think 14.04 is up to date
16:37 <jdstrand> as a first pass, I carried over the work from 14.04 to 14.10 blueprints
16:37 <jdstrand> I plan on discussing this with mdeslaur and then we can go over it all as a team this week
16:38 <jdstrand> then I have sprint planning
16:38 <jdstrand> there are also some 14.10 apparmor policy updates (apparmor-easyprof-ubuntu) that I hope to do this week
16:39 <jdstrand> and I am looking at various open CVEs to fix
16:39 <jdstrand> mdeslaur: you're up
16:39 <mdeslaur> I'm on community this week
16:39 <mdeslaur> I have some updates I just published, and am continuing to down down the never ending CVE list :)
16:39 <mdeslaur> that's about it from me!
16:40 <mdeslaur> also, some blueprint discussion with jdstrand
16:40 <mdeslaur> sbeattie: you're up!
16:41 <sbeattie> I'm continuing some work I started last week on improving gcc hardening.
16:42 <sbeattie> I have a patch that updates the default to -fstack-protector-strong (and fixes some issues with -Wformat-security patch), but am currently exploring alternate approaches discovered while trying to figure out the best way to make the default be PIE for amd64 only.
16:43 <sbeattie> I also need to investigate seem reports that apache mod_apparmor may be not working correctly in trusty
16:43 <sbeattie> that's pretty much it for me this week.
16:43 <sbeattie> tyhicks, you're up
16:44 <tyhicks> I'm still hacking on kdbus from last week
16:44 <tyhicks> I also need to merge dbus from debian and refresh our mediation patches with the latest set that I've attached in the upstream bug
16:45 <tyhicks> oh, and I have a short week this week since I'm off on Friday
16:45 <tyhicks> that's it for me
16:45 <tyhicks> jjohansen: you're up
16:45 <jjohansen> I have an embargoed issue to finish up with, then more testing of the newest images with the trusty backport kernels.
16:45 <jjohansen> I need to get a set of patches together for upstream and push them so they are ready for the next merge window
16:45 <jjohansen> then I need to get back to finishing off the stacking work for apparmor
16:46 <jjohansen> - the patches for upstream this time are mostly around enabling dbus mediation with the upstream kernel
16:47 <jjohansen> thats it for me sarnold your up
16:49 <sarnold> I'm in the happy place this week; I need to return to getting the qrt test-django script to function on saucy and newer (I got distracted last week by libvirt 'issues'. ugh.) I haven't made much forward progress on test-django yet, it's been frustrating so far.
16:49 <sarnold> but now that I've got shiny new VMs, hopefully there aren't many new hurdles to finishing it off :)
16:50 <sarnold> depending upon how that goes I may pick up an update
16:50 <sarnold> I tihnk that's it for me, chrisccoulson?
16:50 <jdstrand> chrisccoulson is off today
16:50 <sarnold> (or is it bank holiday?)
16:50 <jdstrand> [TOPIC] Highlighted packages
16:51 <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
16:51 <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:51 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/libkdcraw.html
16:51 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/redis.html
16:51 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/plib.html
16:51 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/tinymce.html
16:51 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/libtar.html
16:51 <jdstrand> [TOPIC] Miscellaneous and Questions
16:51 <jdstrand> Does anyone have any other questions or items to discuss?
16:58 <jdstrand> thanks mdeslaur, sbeattie, tyhicks, jjohansen and sarnold :)
16:58 <jdstrand> #endmeeting