16:35 <tyhicks> #startmeeting 16:35 <meetingology> Meeting started Mon Mar 9 16:35:27 2015 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:35 <meetingology> 16:35 <meetingology> Available commands: action commands idea info link nick 16:35 <tyhicks> The meeting agenda can be found at: 16:35 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:35 <tyhicks> [TOPIC] Weekly stand-up report 16:35 <tyhicks> jdstrand: you're up 16:38 <jdstrand> today I am working on finishing up the review tools tests for snappy with what is currently defined in the packaging yaml 16:38 <jdstrand> I made a lot of progress last week and my changes introduced no regression with click reviews 16:38 <jdstrand> I have some finetuning to do for snappy 16:39 <jdstrand> I'll be doing uploads and syncing with the store team 16:39 <jdstrand> I have performance reviews to do 16:39 <jdstrand> that will be my main focus for the rest of today and coming days 16:39 <jdstrand> I hope to pickup the frameworks and hw access topics for snappy later in the week 16:39 <jdstrand> that's it from me 16:40 <mdeslaur> my turn I guess 16:40 <jdstrand> ah yes, sorry 16:40 <jdstrand> mdeslaur: you're up :) 16:40 <mdeslaur> I'm working on fixing the ABI break that broke the icu update last week 16:41 <mdeslaur> and after that, I have php5 and apache CVEs to fix 16:41 <jdstrand> was that only on precise? 16:41 <mdeslaur> yeah, only precise 16:41 <mdeslaur> I reverted the fix for now, so no rush 16:41 <mdeslaur> but I think I've got it now 16:41 <mdeslaur> that's pretty much it for me, sbeattie, you're up 16:41 <sbeattie> I'm on community this week 16:42 <sbeattie> I managed to get snappy set up, and am seeing the same dhclient profile issue that jdstrand saw. 16:42 <sbeattie> I need to get back to gcc testing 16:43 <sbeattie> Sorry, I plan to dig into the systemd/dhclient issue a bit more. 16:43 <sbeattie> I also need to review some apparmor patches and prepare for our monthly meeting. 16:44 <sbeattie> I think that's it for me. tyhicks? 16:44 <tyhicks> I'm on the bug triage role this week 16:45 <tyhicks> I am running an ecryptfs-update through some automated tests that I wrote last week and kirkland is doing manual testing 16:45 <tyhicks> that means that the ecryptfs-utils fix will land upstream and in ubuntu today if testing all goes as planned 16:46 <tyhicks> (stable releases and vivid) 16:46 <tyhicks> I expect to spend some time addressing feedback from the libapparmor cache loading patches that I sent to the list last week 16:47 <tyhicks> hopefully we can get all of those reviewed and landed upstream this week with a landing in vivid happening shortly after 16:47 <tyhicks> and I'll be working on AppArmor kernel keyring mediation for user data encryption 16:48 <tyhicks> jjohansen and I need to do one last sync regarding the apparmor and overlayfs issues and then pass some info around that back to jdstrand 16:48 <tyhicks> that's it for me 16:48 <tyhicks> jjohansen: you're up 16:49 <jjohansen> I am on apparmor again this week. I have some stuff to prepare for tomorrows apparmor meeting. I am going to finish up the patch review I started last week, I expect discuss the libapparmor policy api some more. Possibly file some bugs for the vivid issues that are annoying me the most. 16:49 <jjohansen> I need to follow-up with the kernel team on where Bug 1423810 and 1408833 are at (not applied yet). 16:49 <jjohansen> there will be some discussion around the overlayfs issue with tyhicks and jdstrand 16:49 <jjohansen> And of course do some more upstream cleanup, and submit a small set of patches upstream. 16:49 <ubottu> bug 1408833 in AppArmor "broken postinst test for uvtool-libvirt on utopic" [Undecided,Confirmed] https://launchpad.net/bugs/1408833 16:49 <ubottu> bug 1423810 in linux-manta (Ubuntu) "apparmor fd_inheritance regression test causes kernel to crash on touch kernel backports" [Medium,In progress] https://launchpad.net/bugs/1423810 16:50 <jjohansen> I think that is it from me, sarnold you're up 16:51 <sarnold> I'm one cve triage this week, it's another short week for me; I'm also working on MIR audits, and will switch over to openstack work wheh the server team has precise-essex work finished. I could do the TestungOpenstack stuff with locasl vms, but I'm feeling mighty behind on MIRs 16:51 <sarnold> I thihnk that's it for me, chrisccoulson? 16:52 <chrisccoulson> This week, I shall be continuing work on 2 Meizu bugs. Hopefully will have those done this week 16:53 <chrisccoulson> I still also need to get oxide out (that will probably be tomorrow) 16:53 <chrisccoulson> I've just got Chromium and Firefox updates out 16:53 <chrisccoulson> And I plan to work on my review queue as well 16:53 <chrisccoulson> I think that's about it 16:54 <tyhicks> chrisccoulson: by "get oxide out", do you mean an upstream release? 16:54 <tyhicks> (and if so, what will that version number be?) 16:54 <chrisccoulson> tyhicks, yeah - that's the version in https://launchpad.net/~ubuntu-mozilla-security/+archive/ubuntu/ppa 16:55 <tyhicks> chrisccoulson: thanks! 16:55 <jdstrand> sarnold: re precise-essex openstack work> is there progress on that? (ie, is the server team actively working on making it happen)? 16:55 <tyhicks> sarnold: I think you should only use TestingOpenstack for precise testing 16:56 <tyhicks> sarnold: and serverstack for everything else 16:56 <jdstrand> sarnold and I discussed that a bit before 16:57 <jdstrand> there is a vm I uploaded that is TestingOpenstack, TestingOpenstack is up to date for precise and QRT test-openstack.py has a --setup-something that should mostly work for openstack 16:58 <tyhicks> jdstrand: there was an update on the serverstack precise-essex status last week: https://bugs.launchpad.net/openstack-charm-testing/+bug/1423579/comments/2 16:58 <ubottu> Launchpad bug 1423579 in OpenStack Charm Testing "essex bundle needed for testing as it is in-support for +3yrs" [High,New] 16:58 <tyhicks> jdstrand: we'll need to follow up to see what their current feeling is regarding precise-essex support 16:59 <tyhicks> sarnold: can you do that follow up? ^ 17:00 <jdstrand> tyhicks: yeah-- that is what prompted my question. I wasn't sure if there was more beyond that 17:01 <tyhicks> sarnold: 2 or 3 weeks back, we decided to shift focus to a few urgent MIRs and then last week we decided to continue MIR work while waiting one more week for serverstack to gain precise-essex support 17:02 <tyhicks> sarnold: I don't think we should push the updates back any more unless there are MIRs that are very urgent 17:02 <tyhicks> we can discuss this more offline 17:03 <tyhicks> jjohansen: the kernel is at 4.0-rc3 17:03 <jjohansen> tyhicks: yep 17:03 <tyhicks> jjohansen: that only gives you 2 or 3 weeks to prepare a pull request in order to land patches in 4.1 17:04 <jjohansen> tyhicks: right, I need to get the first small series up this week 17:04 <tyhicks> jjohansen: cool - I think libapparmor patch review and preparing a kernel patch series for upstreaming are the two biggest items for you this week 17:05 <jjohansen> right 17:05 <tyhicks> (and it already sounds like those are the biggest items that you're thinking about) 17:05 <tyhicks> cool 17:05 <sarnold> tyhicks: okay; I st5ill need to finish the actual MIR bits of python-saml2 and python-repoze.who; 1381450 and 1427852 and 1427861 are still not yet started 17:06 <tyhicks> sarnold: ok, lets discuss more after the meeting 17:06 <tyhicks> [TOPIC] Highlighted packages 17:06 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 17:06 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 17:06 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/xpdf.html 17:06 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/exactimage.html 17:06 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/zookeeper.html 17:06 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/libuser.html 17:06 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/jquery-jplayer.html 17:06 <tyhicks> [TOPIC] Miscellaneous and Questions 17:07 <tyhicks> Does anyone have any other questions or items to discuss? 17:08 <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson: thanks! 17:08 <tyhicks> #endmeeting