16:47 <jdstrand> #startmeeting 16:47 <meetingology> Meeting started Mon Sep 29 16:47:44 2014 UTC. The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:47 <meetingology> 16:47 <meetingology> Available commands: action commands idea info link nick 16:47 <jdstrand> The meeting agenda can be found at: 16:47 <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:48 <jdstrand> [TOPIC] Announcements 16:48 <jdstrand> Thanks to Jonathan Riddell (jr) who provided a debdiff for trusty for krfb (LP: #1374043). Your work is very much appreciated and will keep Ubuntu users secure. Great job! :) 16:48 <ubottu> Launchpad bug 1374043 in krfb (Ubuntu Utopic) "vulnerabilities in libvncserver" [Undecided,Fix released] https://launchpad.net/bugs/1374043 16:48 <jdstrand> [TOPIC] Review of any previous action items 16:48 <jdstrand> I'll go first 16:49 <jdstrand> last week I did quite a bit with apparmor and didn't do much else of what I planned. the good news is that utopic and rtm should be good to go with our current caching plans 16:50 <jdstrand> this week I'm on triage 16:50 <jdstrand> I plan to sponsor apparmor updates as I get them, and fix bugs as they come in 16:51 <jdstrand> I need to write policy for the ubuntu-downloader-manager uncompress helper 16:51 <jdstrand> and finetune the docker.io policy (I finished lxc and libvirt-lxc last week) 16:51 <jdstrand> I plan to adjust UCT for derivative branches 16:51 <jdstrand> have some click-reviewers-tools updates 16:51 <jdstrand> and patch piloting 16:52 <jdstrand> mdeslaur: you're up :) 16:52 <mdeslaur> I'm currently pushing out some libvncserver updates 16:52 <mdeslaur> and have a couple more in the list to work on 16:53 <mdeslaur> we may be getting more bash updates and possibly a regression fix this week, but the latest update should mitigate further parser issues 16:53 <mdeslaur> so the other updates aren't critical 16:53 <mdeslaur> friday I'm off 16:53 <mdeslaur> and...I'm on community this week 16:53 <mdeslaur> that's it for me, sbeattie? 16:54 <sbeattie> I'm currently poking at QRT, fixing up the kernel security checking script to compensate for a change in the reporting behavior around capabilities. 16:55 <sbeattie> I'm on apparmor this week; I need to review one last patch from tyhicks on the regression tests and a parser patch from jjohansen. 16:55 <tyhicks> thanks for all the patch review you did last week 16:55 <sbeattie> I'll also work on pulling an updated snapshot into utopic, as its only been bug fixes since our last snapshot. 16:56 <sbeattie> that's pretty much it for me. tyhicks? 16:56 <tyhicks> I'm just about done getting caught up from vacation last week 16:57 <tyhicks> I'm in the process of committing the apparmor AF_UNIX regression test patches that sbeattie reviewed for me 16:57 <tyhicks> I'll also send out an additional patch or two today to add a few more tests that he suggested 16:57 <tyhicks> after that, I'd like to get to a few things that I've had to ignore lately 16:58 <tyhicks> there are lots of comments that I need to respond to and/or address in the upstream dbus bug for apparmor mediation 16:58 <tyhicks> I need to prepare for the upcoming kernel merge window to get a few ecryptfs kernel fixes in 16:59 <tyhicks> other general ecryptfs maint duties that I've ignored recently 16:59 <tyhicks> and then it'd be nice to get back to the apparmor caching patches I was working on 16:59 <tyhicks> that's it for me 16:59 <tyhicks> jjohansen: you're up 17:00 <jjohansen> I am working on apparmor bugs this week. We will see if we can't get the last few kernel/parser bugs finally squashed. 17:01 <jjohansen> I need some time on upstream apparmor to prepare for the next opportunity for upstreaming 17:02 <jjohansen> And I expect I will also do a little poking around to make sure my bits are in place for an upstream 2.9 release, which should happen real soon now 17:03 <jdstrand> jjohansen: if you need help with kernel testing, let me know 17:03 <jjohansen> jdstrand: yep, I will 17:04 <jjohansen> I think that is it for me, sarnold you're up 17:05 <sarnold> I'm in the happy place this week; I'm working on several MIR audits, chances are good those will take the entire week. I may do some quick apparmor patch reviews as refreshers depending upon how things go. 17:06 <sarnold> that's it for me, chrisccoulson? 17:07 <chrisccoulson> sorry, I'm a bit unprepared because I've been talking in another channel :) 17:07 <chrisccoulson> hold on 1 sec 17:09 <chrisccoulson> so, this week I shall be finishing code reviews (I did one this morning) 17:10 <chrisccoulson> and, fingers crossed, landing bug 1260016 17:10 <ubottu> bug 1260016 in oxide-qt (Ubuntu RTM) "Add an API to allow defining custom URL scheme delegates" [Critical,In progress] https://launchpad.net/bugs/1260016 17:10 <chrisccoulson> (I made quite a few changes last week in preparation for this) 17:10 <chrisccoulson> other than that, fixing bugs as they come in too 17:10 <chrisccoulson> I think that's me done 17:13 <jdstrand> re 1260016> \o/ 17:14 <jdstrand> chrisccoulson: I asked this in another channel, but since I have you here-- was the 2d canvas accel enabled for nexus devices? 17:15 <chrisccoulson> jdstrand, not yet. justin only provided the strings for krillin. I'm ok with that for now though (in the interests of avoiding scope creep) 17:19 <jdstrand> chrisccoulson: I understand that position. personally, as a dogfooder, I wouldn't mind that extending out since they said it worked there too (aiui) 17:19 <jdstrand> but anyhoo 17:19 * jdstrand was looking forward to having it on his phone, and was crushed to see it not there ;) 17:20 * jdstrand is not asking to change the decision, just providing user feedback 17:20 <jdstrand> ok, moving on 17:20 <jdstrand> [TOPIC] Highlighted packages 17:20 <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 17:20 <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 17:20 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/php-xajax.html 17:20 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/haskell-tls-extra.html 17:20 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/snack.html 17:21 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/libicc.html 17:21 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/freeipa.html 17:21 <jdstrand> [TOPIC] Miscellaneous and Questions 17:21 <jdstrand> Does anyone have any other questions or items to discuss? 17:24 <jdstrand> mdeslaur, sbeattie, tyhicks, jjohansen, sarnold, ChrisCoulson: thanks! 17:24 <jdstrand> #endmeeting