== Meeting information == * #ubuntu-meeting Meeting, 18 Aug at 16:32 — 16:56 UTC * Full logs at [[http://ubottu.com/meetingology/logs/ubuntu-meeting/2014/ubuntu-meeting.2014-08-18-16.32.log.html]] == Meeting summary == ''LINK:'' https://wiki.ubuntu.com/SecurityTeam/Meeting === Weekly stand-up report === The discussion about "Weekly stand-up report" started at 16:32. === Highlighted packages === The discussion about "Highlighted packages" started at 16:48. * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/ibutils.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/libmms.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/cityhash.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/plib.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/lightdm-gtk-greeter.html === Miscellaneous and Questions === The discussion about "Miscellaneous and Questions" started at 16:49. == Vote results == == Done items == * (none) == People present (lines said) == * jdstrand (40) * chrisccoulson (11) * mdeslaur (4) * sbeattie (4) * sarnold (3) * meetingology (3) * jjohansen (3) * ubottu (2) == Full Log == 16:32 #startmeeting 16:32 Meeting started Mon Aug 18 16:32:07 2014 UTC. The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:32 16:32 Available commands: action commands idea info link nick 16:32 The meeting agenda can be found at: 16:32 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:32 [TOPIC] Weekly stand-up report 16:32 I'll go first 16:33 I'm in the happy place this week 16:33 hi :) 16:33 I plan to focus on apparmor: taking up tyhicks' work, policy updates (abstractions, system, click), testing and ultimately, landing 16:34 I'm keeping an eye on the openstack point release for trusty 16:34 and I'm working with foundations (eg, bhuey) on the pending openjdk-7 security update 16:34 mdeslaur: you're up 16:34 I'm on triae this week....although I'm off on vacation on wednesday, so it's a short week for me...someone will have to take over triage 16:35 mdeslaur: sarnold and I will handle that 16:35 I'm currently working on an openssl regression on lucid, that exposed a bug in postfix...postfix is now fixed, and I'm going to publish a regression fix for openssl on lucid this afternoon 16:36 and I'll monitor any last minute updates I can possibly work on before I go on holiday 16:36 that's pretty much it for me, sbeattie you're up 16:36 I'm on apparmor this week. 16:37 I'm reviewing jjohansen's abstract socket patches and testing the kernel to help out landing that. 16:38 That's pretty much it for me. tyhicks is not here... 16:38 jjohansen: you're up. 16:39 I am working on revising and landing the abstract socket mediation 16:39 I will also be helping tyhicks with anything he needs for LSS 16:40 I think thats it for me, sarnold you're up 16:41 chrisccoulson: why don't you go first 16:42 s/first/now/ 16:42 this week, I'm focusing on bug 1214034 16:42 bug 1214034 in webbrowser-app "Implement API for querying SSL status and certificate information and signalling SSL errors to the embedder" [High,Triaged] https://launchpad.net/bugs/1214034 16:43 oh nice 16:43 I'm also expecting a chromium update from chad, and I have an oxide update to publish too 16:44 securty update? 16:44 it is 16:44 is that 1.1? 16:44 not yet, it's still 1.0 16:45 chrisccoulson: does that mean we are still pulling down new chromium content api into 1.0? 16:45 the 1.0 update is the one that goes with chromium 36.0.1985.143 16:45 (see http://omahaproxy.appspot.com/) 16:46 so, I guess that is a 'yes' :) 16:46 yeah :) 16:46 chrisccoulson: curious, when do we expect 1.1 in trusty? 16:46 that was driven by the flash update, but there's other fixes in it too 16:46 1.1 is probably in another couple of weeks 16:46 * jdstrand is guessing backporting to both is taking some time 16:47 ackporting isn't the right word 16:47 refreshing for both 16:47 cool 16:47 i think that's me done :) 16:48 sarnold doesn't seem to be present, so I'll move along 16:48 [TOPIC] Highlighted packages 16:48 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:48 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:48 http://people.canonical.com/~ubuntu-security/cve/pkg/ibutils.html 16:48 http://people.canonical.com/~ubuntu-security/cve/pkg/libmms.html 16:49 http://people.canonical.com/~ubuntu-security/cve/pkg/cityhash.html 16:49 http://people.canonical.com/~ubuntu-security/cve/pkg/plib.html 16:49 http://people.canonical.com/~ubuntu-security/cve/pkg/lightdm-gtk-greeter.html 16:49 [TOPIC] Miscellaneous and Questions 16:49 Does anyone have any other questions or items to discuss? 16:51 sorry I'm late. I'm on community this week. I'm finishing a review of some apparmor patches and still have two outstanding MIR audits 16:52 sarnold: did you see the new one for bug #1358272? 16:52 bug 1358272 in debsig-verify (Ubuntu) "[MIR] debsig-verify" [Undecided,Incomplete] https://launchpad.net/bugs/1358272 16:53 sarnold: (in backscroll from another channel) 16:54 jdstrand: just now, thanks :) 16:54 np 16:54 sarnold: did you have anything else? 16:56 jdstrand: no, that was it 16:56 mdeslaur, sbeattie, jjohansen, chrisccoulson, sarnold: thanks! 16:56 #endmeeting Generated by MeetBot 0.1.5 (http://wiki.ubuntu.com/meetingology)