16:32 #startmeeting 16:32 Meeting started Mon Mar 16 16:32:09 2015 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:32 16:32 Available commands: action commands idea info link nick 16:32 The meeting agenda can be found at: 16:32 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:32 [TOPIC] Announcements 16:32 Stefan Bader (smb) provided debdiffs for xen for precise to utopic 16:32 Christian Hertel provided a debdiff for tntnet for precise (LP: #1430750) 16:32 Launchpad bug 1430750 in tntnet (Ubuntu) "Insecure Default Config leads to security issue" [Undecided,Fix released] https://launchpad.net/bugs/1430750 16:32 Your contributions are very much appreciated and will keep Ubuntu users secure. Great job! :) 16:32 [TOPIC] Weekly stand-up report 16:32 jdstrand: you're up 16:35 lets come back to him 16:35 mdeslaur: go ahead 16:36 oh sorry 16:36 I can go now or after mdeslaur 16:37 jdstrand: go ahead :) 16:37 ok 16:37 so, the performance reviews are all done 16:38 I've been discussing snappy signatures and hashes with mvo, tyhicks and mdeslaur. we are getting real close to agreement. after which, I'll write it up 16:38 I will be working on snappy hw access this week, and snappy frameworks 16:39 all this snappy work will lead into more review tools work as well as click-apparmor 16:39 I'm also working on an embargoed issue 16:39 that's it from me 16:39 I'm on triage this week 16:40 I just published some USNs 16:40 I plan on working on php5, libav, and an embargoed issue this week 16:40 that's about it for me, sbeattie? 16:40 I'm in the happy place this week. 16:41 I'm currently refreshing my gcc-5 pie package against newer versions in the toolchain-r ppa 16:41 after that, will continue testing there. 16:41 I need to do some apparmor patch review 16:42 oh I didn't get to the dhclient not getting its profile applied under snappy, will poke more at that this week 16:42 that's it for me, tyhicks? 16:43 I'm on the community role this week 16:44 today, I'll be working on testing and fixing any bugs found in the libapparmor aa_features string parsing routines 16:44 jjohansen thinks he spotted a bug (he's probably right) and that patch really needs tests 16:45 after that, I think we're really close to landing the libapparmor parser cache API in upstream AppArmor 16:45 I'll also be working on AppArmor kernel keyring mediation for user data encryption 16:46 and, if I have time, I'll finish up the patches to fix bug #1430532 and send them out for review 16:46 bug 1430532 in AppArmor "libapparmor needs a public function to break a context into a label and mode" [Medium,In progress] https://launchpad.net/bugs/1430532 16:46 that's it for me 16:46 jjohansen: you're up 16:47 I am on apparmor again this week. I need to finish up with my patches for Bug 1431717, Bug 1430546. I need to follow up with the latest Bug fixes pushed to the kernel team and make sure all patches are on all the kernels they should be. 16:47 I'm sure there will be some more to do around the libapparmor cache API, and once that lands I can push my series around dfa testing. 16:47 And then its back to the upstreaming work. 16:47 bug 1431717 in AppArmor "audit qualifier does not become effective" [Undecided,Confirmed] https://launchpad.net/bugs/1431717 16:47 bug 1430546 in linux (Ubuntu) "apparmor kernel BUG kills firefox" [Medium,Triaged] https://launchpad.net/bugs/1430546 16:48 jjohansen: there's an email to the lsm list that you should probably have a look at 16:48 jjohansen: it is in the stacked lsm patch set thread 16:48 tyhicks: yeah there are several emails to the list I need to reply too 16:49 jjohansen: stephen smalley points out a potential layering issue in apparmor 16:49 yep 16:50 that is it for /me sarnold you're up 16:50 I'm on bug triage this week, and it's another short week for me 16:51 there are outstanding MIR requests and outstanding openstack testing and updates to work on, not sure which ones I'm going to work on this week, but both are large enough that it's unliekly either one will be completed 16:52 I'll talk with tyhicks afterwards to figure out the priorities 16:52 chrisccoulson? 16:52 Hi :) 16:53 This week, I'm still trying to remove Oxide's dependency on GL share groups. I have a prototype, but it doesn't work yet 16:53 I've also got an embargoed issue to fix 16:53 other than that, I'm hoping for no surprises this week :) 16:53 that's me done 16:54 chrisccoulson: were you able to get to all the pending merge request reviews last week? 16:55 chrisccoulson: it's been at least 24 hours without a flash update, so perhaps you'll get one of those :) 16:55 heh 16:55 tyhicks, not all. But the most important ones are done 16:55 chrisccoulson: good! :) 16:56 [TOPIC] Highlighted packages 16:56 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:56 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:56 http://people.canonical.com/~ubuntu-security/cve/pkg/oftc-hybrid.html 16:56 http://people.canonical.com/~ubuntu-security/cve/pkg/xlhtml.html 16:56 http://people.canonical.com/~ubuntu-security/cve/pkg/gcc-4.9-powerpc-cross.html 16:56 http://people.canonical.com/~ubuntu-security/cve/pkg/feh.html 16:56 http://people.canonical.com/~ubuntu-security/cve/pkg/python-rply.html 16:56 [TOPIC] Miscellaneous and Questions 16:56 Does anyone have any other questions or items to discuss? 16:58 jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, chriscoulson: thanks! 16:58 #endmeeting