#ubuntu-meeting log

16:36 <jdstrand> #startmeeting
16:37 <meetingology> Meeting started Mon Sep 22 16:36:59 2014 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:37 <meetingology> 
16:37 <meetingology> Available commands: action commands idea info link nick
16:37 <jdstrand> The meeting agenda can be found at:
16:37 <jjohansen> o/
16:37 <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:37 <jdstrand> [TOPIC] Announcements
16:37 <jdstrand> AppArmor kernel pull requests have been accepted for distro, mako, flo, manta and goldfish. The distro kernel is in proposed and finding its way to the archive. There is an unrelated issue with goldfish that must be fixed. After that, the phablet kernels will be pushed to the archive together.
16:37 <jdstrand> huge thanks to everyone for that! ^ :)
16:38 <tyhicks> \o/
16:38 <mdeslaur> \o/
16:38 <jdstrand> [TOPIC] Weekly stand-up report
16:38 <jdstrand> I'll go first
16:38 <jdstrand> last week was dominated by the kernel landing
16:39 <jdstrand> this week I have some bug fixes related to policy load on boot that I will fix today. I know more fixes are desired for this week, and we can do another upload
16:40 <jdstrand> note, that our in-image rtm bug fixes should be done by thursday, but we aren't limited for general fixes for utopic. if anything is left we want on the phone, we can do an ota update
16:41 <jdstrand> (ie, afaik, we are in good shape once I do my upload today for rtm readiness)
16:41 <jdstrand> I didn't get to look at lxc/docker.io/libvirt-lxc policy last week, so plan to this week
16:43 <jdstrand> I also need to adjust UCT for rtm branches, which I didn't get to last week
16:43 <jdstrand> ditto for patch piloting
16:43 <jdstrand> and have updates to the click-reviewers-tools I need to do
16:43 <jdstrand> mdeslaur: you're up
16:43 <mdeslaur> I just pushed out nginx and nss updates
16:43 <mdeslaur> and I have a dbus update I'm about to push out
16:44 <mdeslaur> after that, I have to merge nginx for utopic
16:44 <mdeslaur> and I have a couple of embargoed issues to work on
16:44 <mdeslaur> I'm also on triage this week
16:44 <mdeslaur> and have patch piloting sceduled for tomorrow
16:44 <mdeslaur> that's it from me, sbeattie, you're up
16:44 <sbeattie> I'm on apparmor this week.
16:45 <sbeattie> I'm working on finishing up some reviews of patches at the moment.
16:45 <sbeattie> Then I'll move on to fixing additional bugs to try to fit in this week's upload.
16:45 <sbeattie> That's pretty much it for me. tyhicks?
16:46 <tyhicks> it will be a short week for me
16:46 <tyhicks> I'm off Thursday and Friday
16:47 <tyhicks> I'm getting a couple fixes and tests, which have been hanging out on the list for too long, committed to lp:apparmor
16:47 <tyhicks> then I'm going to be sending out a v3 set of patches for some of the unix_socket_*.sh regression tests
16:48 <tyhicks> then I'll probably be helping with bug fixes
16:48 <tyhicks> I think that's it
16:48 <tyhicks> jjohansen: you're up
16:48 <jjohansen> I will be catching up on my kernel security sign-offs, and USNs for the next set of kernel updates.
16:48 <jjohansen> I have some upstream apparmor work that is past due and I need to get the patches pushed if they are going to land in 3.18
16:48 <jjohansen> Beyond that I will be working on bug fixes for apparmor.
16:49 <jjohansen> thats it for me, sarnold you're up
16:50 <sarnold> I'm on community this week
16:51 <sarnold> so get those universe security updates submitted :D
16:52 <sarnold> I'm starting with a MIR audit, finishing up whatever apparmor patches still need review to get those checked in, and if there's time, returning to another stalled MIR audit
16:52 <sarnold> and if there's time after that, I want to finish up the 'file' security update; the worst is I can't recall what testing I might have done on it two weeks back, so that'll take the bulk of the time for it.
16:53 <sarnold> that's it for me, chrisccoulson?
16:55 <chrisccoulson> so, this week I hope to get bug 1260016 done. As this is going to require making our C++ API public, I shall also be doing other bits of future proofing the existing API's to reduce the risk of us having to do ABI transitions in the future (which currently don't matter, because there isn't a public C++ API)
16:55 <ubottu> bug 1260016 in oxide-qt (Ubuntu) "Add an API to allow defining custom URL scheme delegates" [Critical,In progress] https://launchpad.net/bugs/1260016
16:56 <chrisccoulson> I've also got lots of reviews to do, so I shall be setting aside a day to go through those
16:56 <chrisccoulson> and it looks like I need to take a look at bug 1362543 too
16:56 <ubottu> bug 1362543 in The Webapps-core project "Web Application fail to load properly every other time is launched" [Critical,Triaged] https://launchpad.net/bugs/1362543
16:56 <chrisccoulson> i think that's me done
16:56 * jdstrand points sarnold at 'Checklists' from adb shell /tmp/tests/image/unprivileged/
16:59 <sarnold> jdstrand: ah that's just my usual hubris, "oh these updates will be so easy I'll get this one out the door before I can forget what I've done"  :)
17:02 <jdstrand> sarnold: sure, I get that. I just tend to document everything and thought that might be helpful.
17:05 <jdstrand> [TOPIC] Highlighted packages
17:05 <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
17:05 <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
17:05 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/libparallel-forkmanager-perl.html
17:06 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/tinymce.html
17:06 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/gallery.html
17:06 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/pyfribidi.html
17:06 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/phpbb3.html
17:11 <jdstrand> [TOPIC] Miscellaneous and Questions
17:11 <jdstrand> Does anyone have any other questions or items to discuss?
17:21 <jdstrand> mdeslaur, sbeattie, tyhicks, jjohansen, sarnold, ChrisCoulson: thanks!
17:21 <jdstrand> #endmeeting