16:34 <jdstrand> #startmeeting 16:34 <meetingology> Meeting started Mon Nov 24 16:34:21 2014 UTC. The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:34 <meetingology> 16:34 <meetingology> Available commands: action commands idea info link nick 16:34 <jdstrand> The meeting agenda can be found at: 16:34 <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:34 <jdstrand> [TOPIC] Announcements 16:34 <jdstrand> Felix Geyer (debfx) provided debdiffs for precise-utopic for quassel (LP: #1388333) 16:34 <ubottu> Launchpad bug 1388333 in quassel (Ubuntu Utopic) "CVE-2014-8483: out-of-bounds read in ECB Blowfish decryption" [Undecided,Fix released] https://launchpad.net/bugs/1388333 16:34 <jdstrand> Otto Kekäläinen (otto) provided debdiffs for precise-utopic for mariadb-5.5 (LP: #1391676) 16:34 <ubottu> Launchpad bug 1391676 in mariadb-5.5 (Ubuntu) "USN-2384-1: MySQL vulnerabilities partially also applies to MariaDB" [Undecided,Fix released] https://launchpad.net/bugs/1391676 16:34 <jdstrand> Jonathan Riddell (Riddell) provided debdiffs for precise-utopic for kde-runtime (LP: #1393479) 16:34 <ubottu> Launchpad bug 1393479 in webkitkde (Ubuntu Vivid) "security: Insufficient Input Validation By IO Slaves and Webkit Part" [Undecided,Fix released] https://launchpad.net/bugs/1393479 16:34 <jdstrand> Jonathan Riddell (Riddell) provided debdiffs for precise-utopic for webkitkde (LP: #1393479) 16:34 <jdstrand> Thanks to everyone for providing these updates. Your work is very much appreciated and will keep our users secure. Great job! :) 16:35 <jdstrand> [TOPIC] Weekly stand-up report 16:35 <jdstrand> I'll go first 16:35 <jdstrand> I'm on community 16:35 <jdstrand> I've got a very short week this week, with me taking of wed-fri 16:36 <jdstrand> I will be working on the click-reviewers-tools and some embargoed issues 16:36 <jdstrand> mdeslaur: you're up 16:36 <mdeslaur> I'm in the happy place this week 16:36 <mdeslaur> I'm still working on clamav updates 16:37 <mdeslaur> and have a few others to prepare 16:37 <mdeslaur> I'm on patch piloting duty tomorrow also 16:37 <mdeslaur> that's it! sbeattie, you're up 16:37 <tyhicks> I'll go 16:38 <tyhicks> I have a little bit of ecryptfs maintenance to catch up on from when I was out last friday 16:39 <tyhicks> then I'm back to making the apparmor cache code into a library (I expect patches to go out this week) and bug #1362469 16:39 <ubottu> bug 1362469 in dbus (Ubuntu) "AppArmor unrequested reply protection generates unallowable denials" [Medium,In progress] https://launchpad.net/bugs/1362469 16:39 <tyhicks> that's it for me 16:39 <tyhicks> I don't see jj 16:39 <tyhicks> are you around, sarnold? 16:39 * sbeattie is here 16:39 <tyhicks> have at it, sbeattie :) 16:40 <sbeattie> I'm again working on the gcc pie-by-default-on-amd64 patches, polishing and testing those. 16:40 <sbeattie> I have some apparmor reviews and other bits to do. 16:40 <sbeattie> I'm also on a short week this week, as I have thurs and fri off. 16:40 <sbeattie> that's it for me. 16:41 <sbeattie> chrisccoulson: you want to go? 16:42 <chrisccoulson> I shall be testing the chromium update this week. I got through some oxide review last week - I still have a bit to review for mediahub branch of oxide 16:42 <chrisccoulson> once I've finished https://code.launchpad.net/~chrisccoulson/oxide/top-header-controls off, I shall be working on bug 1326070 16:42 <ubottu> bug 1326070 in Oxide "Add support for context menus" [High,In progress] https://launchpad.net/bugs/1326070 16:43 <chrisccoulson> other than that, it should hopefully be business-as-usual this week (no surprises) :) 16:43 <jdstrand> cool 16:44 <jdstrand> [TOPIC] Highlighted packages 16:44 <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:44 <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:44 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/squirrelmail.html 16:44 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/kolabd.html 16:44 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/glusterfs.html 16:44 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/ldns.html 16:44 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/golang.html 16:44 <jdstrand> [TOPIC] Miscellaneous and Questions 16:44 <jdstrand> Does anyone have any other questions or items to discuss? 16:49 <jdstrand> mdeslaur, sbeattie, tyhicks, chrisccoulson: thanks 16:49 <jdstrand> #endmeeting