16:45 <tyhicks> #startmeeting 16:45 <meetingology> Meeting started Mon Apr 6 16:45:07 2015 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:45 <meetingology> 16:45 <meetingology> Available commands: action commands idea info link nick 16:45 * sbeattie o/ 16:45 <tyhicks> The meeting agenda can be found at: 16:45 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:45 <tyhicks> [TOPIC] Announcements 16:46 <tyhicks> Thanks to Johan Van de Wauw (johanvdw) for security updates (14.04 through Vivid) for the community supported postgis (LP: #1438875) package last week. Your work is very much appreciated and will keep Ubuntu users secure. Great job! :) 16:46 <ubottu> Launchpad bug 1438875 in postgis (Ubuntu Vivid) "Database crash with invalid geoJSON input" [Medium,Fix released] https://launchpad.net/bugs/1438875 16:46 <tyhicks> [TOPIC] Weekly stand-up report 16:46 <tyhicks> jdstrand: you're up 16:46 <jdstrand> like last week, this week is snappy focused 16:47 <jdstrand> the security yaml bits landed last week for both apparmor and snappy and now I am writing review tools tests for that 16:48 <jdstrand> the framework policy bits landed last week for apparmor and is in review now for snappy. I wrote the review tools tests for that last week 16:48 <jdstrand> after I finish the security yaml review tools tests, I'm going to proceed to the hashes.yaml review tools tests 16:49 <jdstrand> I started the seccomp policy bits last week and will pick that up this week 16:49 <jdstrand> that's it from me 16:49 * sbeattie is up 16:49 <sbeattie> I'm on community this week. 16:50 <sbeattie> I have some more apparmor patches to review as well as trying to tie things up so we can do a trusty SRU with the python tools based on a 2.9.2 release 16:50 <sbeattie> And gcc-pie testing is still on my plate. 16:50 <tyhicks> perfect 16:51 <sbeattie> that's the priorities for my week. tyhicks, you're up. 16:51 <tyhicks> we need to get that trusty SRU out the door very soon 16:51 <sbeattie> yeah 16:51 <tyhicks> it is good to hear that we're getting close :) 16:52 <tyhicks> I'm on bug triage this week 16:52 <tyhicks> Vivid systemd/sbuild/schroot/kernel bugs (LP: #1427264) (LP: #1438942) (LP: #1439849) 16:52 <ubottu> Launchpad bug 1427264 in click (Ubuntu) "using ecryptfs, creating frameworks fail to bind mount issues" [High,Triaged] https://launchpad.net/bugs/1427264 16:52 <ubottu> Launchpad bug 1438942 in schroot (Ubuntu) "Host's /dev/shm is mounted over when entering 14.10 and older sbuild schroots" [High,Confirmed] https://launchpad.net/bugs/1438942 16:52 <ubottu> Launchpad bug 1439849 in linux (Ubuntu) "BUG: unable to handle kernel NULL pointer dereference at 0000000000000010" [High,In progress] https://launchpad.net/bugs/1439849 16:52 <tyhicks> Restart work on AppArmor kernel keyring mediation for user data encryption 16:52 <tyhicks> Finish up the patches to fix bug #1430532 and send them out for review 16:52 <ubottu> bug 1430532 in AppArmor "libapparmor needs a public function to break a context into a label and mode" [Medium,In progress] https://launchpad.net/bugs/1430532 16:53 <tyhicks> and either sarnold or myself need to get to the python-cryptography MIR (LP: #1430082) 16:53 <ubottu> Launchpad bug 1430082 in python-cryptography (Ubuntu) "[MIR] python-cryptography, python-cffi, pycparser, enum34" [High,New] https://launchpad.net/bugs/1430082 16:53 <tyhicks> that's it for me 16:53 <tyhicks> sarnold: you're up 16:53 <sarnold> I'm on cve triage this week 16:54 <sarnold> I finally feel like I'm getting the hang of the serverstack environment for openstack testing, too, which is nice; some things can be done via yaml and some things probably just need to be done via juju ssh --all 16:55 <sarnold> of course I still don't know why installing some new python glance libraries prevents new glance image uploads; the changes involved are about validating certificates, so perhaps it's supposed to fail now.. 16:56 <sarnold> and since test runs there take either ten minutes or an hour and ten minutes, there'll be some time for small tasks, perhaps a MIR or apparmor patch review 16:56 <sarnold> that's it for me, tyhicks? 16:56 <tyhicks> sarnold: how about bumping the version of the current in-archive glance, without making any other changes, and seeing if glance image uploads work then? 16:58 <tyhicks> we can continue the conversation offline 16:58 <tyhicks> [TOPIC] Highlighted packages 16:59 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:59 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:59 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/lib3ds.html 16:59 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/libextlib-ruby.html 16:59 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/openarena.html 16:59 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/xmonad-contrib.html 16:59 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/lemonldap-ng.html 16:59 <tyhicks> [TOPIC] Miscellaneous and Questions 16:59 <tyhicks> Does anyone have any other questions or items to discuss? 17:00 <tyhicks> jdstrand, sbeattie, sarnold: Thanks! 17:00 <tyhicks> #endmeeting