16:34 <jdstrand> #startmeeting 16:34 <meetingology> Meeting started Mon Jul 21 16:34:27 2014 UTC. The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:34 <meetingology> 16:34 <meetingology> Available commands: action commands idea info link nick 16:34 <jdstrand> The meeting agenda can be found at: 16:34 <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:34 <jdstrand> [TOPIC] Announcements 16:34 <jdstrand> Reinhard Tartler (siretart) provided a package for trusty for libav (LP: #1341216) 16:35 <ubottu> Launchpad bug 1341216 in libav (Ubuntu Utopic) "Libav security fixes Jul 2014" [High,Fix committed] https://launchpad.net/bugs/1341216 16:35 <jdstrand> Your work is very much appreciated and will keep Ubuntu users secure. Great job! 16:35 <jdstrand> [TOPIC] Weekly stand-up report 16:35 <jdstrand> I'll go first 16:35 <jdstrand> I'm on community this week 16:35 <jdstrand> I'm working on openjdk-6 updates today 16:35 <jdstrand> I've got performance reviews to do 16:36 <jdstrand> and plan on doing apparmor testing and helping out in any way I can to get that landed 16:36 <jdstrand> mdeslaur: you're up 16:36 <mdeslaur> I'm in the happy place this week 16:36 <mdeslaur> I have some updates pending 16:36 <mdeslaur> and have a lot more to work on 16:36 <mdeslaur> that's about it from me 16:36 <mdeslaur> sbeattie: you're up 16:37 <sbeattie> I'm focused on apparmor this week. 16:37 <sbeattie> I'll be testing stuff in support of jjohansen, basically doing whatever he needs in support of landing the socket stuff 16:38 <mdeslaur> cool 16:38 <sbeattie> And with jdstrand's note, I guess I have the sword damocles' performance reviews hanging over my head. 16:38 <sbeattie> meh, sword of ... 16:38 <sbeattie> that's pretty much it for me 16:38 <sbeattie> tyhicks: you're up 16:39 <tyhicks> I'm focused on AppArmor 16:39 <tyhicks> I'm currently getting jj's parser patches for supporting multiple policy cache dirs into shape for upstreaming 16:40 <tyhicks> they needed to be rebased against upstream and a couple of the later patches in the series didn't build 16:40 <tyhicks> that's all fixed and now I'm going back through to clean things up and then start testing 16:40 <tyhicks> there's still a few stubbed out pieces of functionality that I need to implement, too 16:41 <tyhicks> I'll be working on that until the abstract socket patches are available for packaging and testing 16:41 <tyhicks> Oh, I have a short week this week (off on Friday) 16:41 <tyhicks> and I need to do performance review stuff 16:41 <tyhicks> that's it for me 16:41 <tyhicks> jjohansen: you're up 16:42 <jjohansen> I'm focused on apparmor this week, I'm going to cram socket stuff at sbeattie, and tyhicks until they are sick of it 16:43 <mdeslaur> sweet 16:43 <jdstrand> \o/ 16:43 <jjohansen> I'm also going to hand some upstream testing work over to tyhicks, so we can get a push out before the security window closes 16:44 * jjohansen and tyhicks will coordinate to get that done 16:44 <tyhicks> I'm detecting a buffer overflow of my 4 work days this week 16:44 <tyhicks> ;) 16:44 <tyhicks> jjohansen: approx when does that window close? 16:45 <mdeslaur> heh 16:45 <jdstrand> thankfully, that should be the last big piece for the phone 16:45 <jjohansen> tyhicks: its not fixed but james like to have the patches for the next release by around rc5 16:45 <jjohansen> the other subsystems seem to have pushed already 16:45 <tyhicks> we're at rc6 16:46 <jjohansen> yes 16:46 <tyhicks> cool, we'll see if we can make it 16:46 <jjohansen> we are late already but he will likely take it if we can get it out before rc7 16:47 <jjohansen> I think that is it for me, sarnold you're up 16:49 <sarnold> I'm on triage this week; I'm also doing a MIR of librevenge, some additional code review of trust-store, performance review, and webrtc-audio-processing MIR; if there's any spare cycles they'll probably go towards apparmor patch reviews 16:49 <sarnold> I think that's it for me, chris appears out, jdstrand? 16:53 <jdstrand> ok 16:53 <jdstrand> [TOPIC] Highlighted packages 16:53 <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:53 <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:53 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/mupdf.html 16:53 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/ldap-account-manager.html 16:53 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/openarena.html 16:54 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/nullmailer.html 16:54 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/qtnx.html 16:54 <jdstrand> [TOPIC] Miscellaneous and Questions 16:54 <jdstrand> Does anyone have any other questions or items to discuss? 16:58 <jdstrand> mdeslaur, sbeattie, tyhicks, jjohansen, sarnold, ChrisCoulson: thanks! 16:58 <jdstrand> #endmeeting