#ubuntu-meeting log

16:35 <jdstrand> #startmeeting
16:35 <meetingology> Meeting started Mon Jun  9 16:35:13 2014 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:35 <meetingology> 
16:35 <meetingology> Available commands: action commands idea info link nick
16:35 <jdstrand> The meeting agenda can be found at:
16:35 <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:35 <jdstrand> [TOPIC] Announcements
16:35 <jdstrand> Felix Geyer (debfx) provided debdiffs for precise-trusty for mod-wsgi (LP: #1322338). Your work is very much appreciated and will keep Ubuntu users secure. Great job!
16:35 <ubottu> Launchpad bug 1322338 in mod-wsgi (Ubuntu Utopic) "CVE 2014-0240 and CVE 2014-0242" [Undecided,Fix released] https://launchpad.net/bugs/1322338
16:35 <jdstrand> [TOPIC] Weekly stand-up report
16:35 <jdstrand> I'll go first
16:36 <jdstrand> short week this week. I am off Wednesday
16:36 <jdstrand> I'm on community this week
16:36 <jdstrand> I need to send my ofono hardening work to the phonedations team (ie, where only certain applications can communicate to ofono)
16:36 <jdstrand> there is a bit more work to do there, but I have it working on my phone, so that is good
16:37 <jdstrand> I have been doing phablet kernel testing for jjohansen-- mako looks good so far, still need to do flo and goldfish, but I imagine jjohansen has those tested already
16:37 <jdstrand> I am working on several different openstack updates
16:38 <jdstrand> and have various sprint outcomes to still go through
16:38 <jjohansen> sure I've run those, there are some basic policy updates, but jdstrand has seen those already
16:39 <jjohansen> jdstrand: you pulled in the new apparmor package correct?
16:39 <jdstrand> jjohansen: yes
16:39 <jjohansen> okay good
16:39 <jdstrand> we need to get this into utopic so our delta is as small as possible when we update for abstract, but we can talk about that in jjohansen's time
16:40 <jdstrand> mdeslaur: you're up
16:40 <mdeslaur> I'm in the happy place this week
16:40 <mdeslaur> I have some json-c packages to test, and am currently working on dpkg updates
16:40 <mdeslaur> also have to do the non-trivial libtasn backports
16:41 <mdeslaur> tomorrow, I'm doing a Q&A for UDS^H^H^Hwhatever replaces UDS
16:41 <jdstrand> oh, I guess there is UOS too
16:41 <jdstrand> (jeez, busy week)
16:41 * sbeattie collects rotten tomatoes for that
16:41 <mdeslaur> and I need to look at an updated apparmor package for U
16:41 <mdeslaur> jjohansen's packages is missing a couple of the latest commits, which I guess we're going to want
16:42 <mdeslaur> so I'll remerge from trunk I guess
16:42 <mdeslaur> and, yeah, attend UOS
16:42 <jjohansen> mdeslaur: O_o I pulled that fresh on friday
16:42 <jjohansen> not that the debian packaging side doesn't need some fixing :)
16:43 <mdeslaur> jjohansen: oh, the two missing commits are freom friday
16:43 <mdeslaur> d'oh
16:43 <mdeslaur> jjohansen: yeah, I'll take a look and see if everything's good with the packaging
16:43 <jjohansen> haha, nice
16:44 <mdeslaur> that's it from me, sbeattie?
16:44 <sbeattie> I'm focusing again on getting pie by default for amd64 in gcc this week
16:44 <mdeslaur> sbeattie: what's the current status?
16:44 <sbeattie> I have a test compiler that bootstraps and does the right for common cases.
16:45 <sbeattie> There's a couple of situations that the gcc testsuite where it's not compiling the .o with -fPIE when it needs to, but tries to link with -pie, which fails, so I'm tracking down why that fails.
16:46 <sbeattie> I'm in the middle of setting up a ppa with that compiler as the default, to enable wider testing/benchmarking.
16:46 <mdeslaur> cool
16:47 <sbeattie> I have some apparmor patches to review and submit.
16:47 <mdeslaur> sbeattie: oh, are those good for U too?
16:47 <sbeattie> mdeslaur: cboltz's patch is, yes, though I need to dig in to why I can't reproduce his failure in U.
16:48 <mdeslaur> ok
16:48 <sbeattie> I may try to take a swap day off on friday...
16:48 <sbeattie> And I'll be attending UOS.
16:49 <sbeattie> That's it for me, I think. tyhicks?
16:49 <tyhicks> I'm focusing on my kdbus work item this week
16:49 <tyhicks> I keep letting myself get distracted by other work, so I'm only going to plan on that one work item
16:49 <tyhicks> I'll sync up w/ everyone once it is done for what I should focus on next
16:49 <tyhicks> (Some UOS for me this week, as well)
16:49 <tyhicks> That's it for me
16:49 <tyhicks> jjohansen: you're up
16:50 <jjohansen> So I've got UOS to distract me this week, and a couple of bugs to poke at and at least triage
16:51 <jjohansen> We have the utopic touch device kernels in testing, and I think ready to be pulled
16:51 <jjohansen> so I will send that request out as soon as its dependencies fall into place (maybe this week)
16:52 <mdeslaur> is anything there waiting on a new userspace?
16:52 <jjohansen> This basically falls out as: more testing, policy updates, and the new apparmor userspace in U
16:53 <jjohansen> mdeslaur: yep, the kernel won't go until that is updated, reason: userspace fixes a compiler issue that results in policy that causes failures under the new kernel
16:53 <mdeslaur> hrm
16:53 <mdeslaur> ok
16:53 <mdeslaur> guess I'll work on that tomorrow or wed then
16:55 <jjohansen> Besides testing/collaborating with jdstrand on the policy updates, I'll be working on the apparmor kernel module
16:55 * mdeslaur still needs to figure out how he got volunteered to do the U update
16:55 <jjohansen> to finish up the missing pieces
16:56 <jjohansen> mdeslaur: well it was one of those quick mdeslaur isn't paying attention get him to agree while he is distracted
16:56 <sbeattie> mdeslaur: we sent you out to collect beer and cheetos while we decided, to help the volunteering process along.
16:56 <sarnold> I'm wondering when we're goign to tell mdeslaur he also volunteered for the T update...
16:56 <jdstrand> jjohansen: policy updates should all be in place
16:56 * mdeslaur shakes fist at team
16:57 <jjohansen> jdstrand: when will they hit the images?
16:57 <jdstrand> they are there
16:57 <jdstrand> check that off your list :)
16:57 <jjohansen> okay, I'll update and see how it goes, and then check it off the list :P
16:58 <jjohansen> I think that is it for me, sarnold your up
16:58 <jdstrand> on mako I have no denials except with media-hub, but that is unrelated
16:58 <jdstrand> (it also works fine and I've pinged jhodapp about it)
16:59 <jjohansen> jdstrand: I expect everything will be fine, I just want to run it through the 4 devices to make sure
16:59 <jdstrand> sure
16:59 * jjohansen wants to avoid the whole your new kernel broke, ... mess
17:01 <sarnold> I'm on triage this week; I'm also reading some angry tweets for UOS, investigating click packaging to see how authenticity checks are being performed, and if there's any time left returning to the interminable mod_wsgi fixes for django
17:01 <sarnold> I think that's it for me, chrisccoulson?
17:02 <chrisccoulson> this week, it's mozilla updates for me
17:02 <chrisccoulson> plus one other update
17:02 <chrisccoulson> my other main task is fixing bug 1312082, which I hope to have done this week
17:02 <ubottu> bug 1312082 in Oxide "Stop using deprecated compositing paths" [High,Triaged] https://launchpad.net/bugs/1312082
17:03 <mdeslaur> chrisccoulson: so will the new paths be next on the deprecated list, or are they the current ones? :)
17:03 <chrisccoulson> mdeslaur, no, we'll be using the same path as all other platforms :)
17:03 <mdeslaur> oh cool :)
17:04 <chrisccoulson> i think that's me done
17:06 <jdstrand> chrisccoulson: moving away from the deprecated paths is required for the media-hub work to really start, correct?
17:06 <chrisccoulson> jdstrand, there's parts of that which can be started without it
17:07 <jdstrand> sure, but this has to be done for it
17:07 <jdstrand> chrisccoulson: the others are starting on the parts that can be done now, no?
17:07 <chrisccoulson> jdstrand, yeah, I think so
17:07 * jdstrand saw various bug assignments, etc last week
17:07 <jdstrand> cool
17:07 <jdstrand> [TOPIC] Highlighted packages
17:07 <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
17:08 <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
17:08 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/libapache2-mod-nss.html
17:08 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/dolibarr.html
17:08 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/gnumeric.html
17:08 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/ircd-ratbox.html
17:08 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/ngircd.html
17:08 <jdstrand> [TOPIC] Miscellaneous and Questions
17:08 <jdstrand> Does anyone have any other questions or items to discuss?
17:15 <jdstrand> mdeslaur, sbeattie, tyhicks, jjohansen, sarnold, ChrisCoulson: thanks!
17:15 <jdstrand> #endmeeting