16:32 <tyhicks> #startmeeting 16:32 <meetingology> Meeting started Mon Feb 2 16:32:28 2015 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:32 <meetingology> 16:32 <meetingology> Available commands: action commands idea info link nick 16:32 <tyhicks> The meeting agenda can be found at: 16:32 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:32 <mdeslaur> \o 16:33 <tyhicks> [TOPIC] Weekly stand-up report 16:33 <tyhicks> mdeslaur: you're up 16:33 <mdeslaur> I'm doing regular CVE updates 16:33 <mdeslaur> 'm on community this week 16:33 <mdeslaur> and I have patch piloting tomorrow 16:33 <mdeslaur> that's it from me, sbeattie 16:34 <sbeattie> I'm still working on the binutils update; it got even more complex than I expected, as it looks like there were additional issues fixed upstream that didn't get CVEs assigned. 16:34 <sbeattie> after that, I'm back to gcc and some apparmor review. 16:35 <sbeattie> that's pretty much it for me. tyhicks? 16:35 <tyhicks> my status looks similar to last week but I have made progress on most of the things 16:35 <tyhicks> I've found the root cause of the AppArmor dbus-daemon bug (LP: #1362469) 16:36 <ubottu> Launchpad bug 1362469 in dbus (Ubuntu) "AppArmor unrequested reply protection generates unallowable denials" [Medium,In progress] https://launchpad.net/bugs/1362469 16:36 <jjohansen> oh nice 16:36 <tyhicks> I need to discuss the potential fixes with the rest of the AA devs and decide on what we want to do 16:36 <tyhicks> I still need to propose v2 of the libapparmor aa_features API 16:36 <tyhicks> I want to do that early this week 16:37 <tyhicks> The patch security updates are ready to go out as soon as I track down a new test failure on lucid 16:37 <tyhicks> and then I hope to get a little work done on the User Data Encryption work items 16:37 <tyhicks> that's it for me 16:37 <tyhicks> I don't see sarnold 16:37 <tyhicks> jjohansen: you're up 16:38 <jjohansen> so I will be discussing v2 libapparmor aa_features API, and dbus :) 16:38 <tyhicks> :) 16:39 <sbeattie> hehe 16:40 <jjohansen> I have to get a second revision of the patch for the deleted socket mediation for a bug that's number is saddly going to take more digging than I am going to spend time on right now (sorry I thought I had it open) 16:40 <jjohansen> there will be some USNs as the kernel cycle finishes up and the next one starts 16:41 <jjohansen> and I will be doing work on the kernel code for upstreaming 16:42 <jjohansen> thats it, I don't see sarnold so back to tyhicks 16:42 <tyhicks> jjohansen: shoot me that bug number when you find it later (I'm not sure which bug that is) 16:42 <jjohansen> tyhicks: already looking 16:43 <tyhicks> ok 16:43 <tyhicks> [TOPIC] Highlighted packages 16:43 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:43 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:43 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/9base.html 16:44 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/linkchecker.html 16:44 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/libplack-perl.html 16:44 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/gcc-4.5-armhf-cross.html 16:44 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/lightdm-gtk-greeter.html 16:44 <tyhicks> [TOPIC] Miscellaneous and Questions 16:44 <tyhicks> Does anyone have any other questions or items to discuss? 16:46 <tyhicks> mdeslaur, sbeattie, jjohansen: thanks! 16:46 <tyhicks> #endmeeting