16:37 <tyhicks> #startmeeting 16:37 <meetingology> Meeting started Mon Apr 13 16:37:03 2015 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:37 <meetingology> 16:37 <meetingology> Available commands: action commands idea info link nick 16:37 <tyhicks> The meeting agenda can be found at: 16:37 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:37 <chrisccoulson> hi 16:37 <tyhicks> [TOPIC] Announcements 16:38 <tyhicks> Johan Van de Wauw (johanvdw) provided debdiffs for trusty-vivid for freexl (LP: #1437087) 16:38 <ubottu> Launchpad bug 1437087 in freexl (Ubuntu) "Multiple vulnerabilities in freexl 1.0.0" [Undecided,Fix released] https://launchpad.net/bugs/1437087 16:38 <tyhicks> Thomas Ward (teward) provided a debdiff for utopic for wireshark (LP: #1440202) 16:38 <ubottu> Launchpad bug 1440202 in wireshark (Ubuntu Trusty) "[Security] April 3 2015 - 6 New CVEs affect Wireshark" [Medium,Confirmed] https://launchpad.net/bugs/1440202 16:38 <tyhicks> Stefan Bader (smb) provided debdiffs for trusty and utopic for xen 16:38 <tyhicks> Your work is very much appreciated and will keep Ubuntu users secure. Great job! :) 16:38 <tyhicks> [TOPIC] Weekly stand-up report 16:39 <tyhicks> jdstrand: I think you're busy right now so we're going to skip ahead to mdeslaur 16:39 <mdeslaur> \o 16:39 <mdeslaur> I'm on triage this week 16:39 <mdeslaur> and I have a half-day off on wednesay 16:39 <mdeslaur> I just published some tasty and delicious ntp updates 16:39 <mdeslaur> and I'm currently testing a bunch of libx11-related updates 16:40 <mdeslaur> I have an embargoed issue to release tomorrow also 16:40 <mdeslaur> and a few more things to work on after that 16:40 <mdeslaur> that's about it, sbeattie, you're up 16:40 <sbeattie> I'm in the happy place this week 16:41 <sbeattie> I'm trying to review apparmor patches and pull things together for a trusty SRU and 2.9.2 release (to base the python utils in the SRU off of) 16:42 <tyhicks> very nice 16:42 <sbeattie> I've also again got gcc pie on my plate 16:42 <sbeattie> that's the plan for this week. tyhicks? 16:43 <tyhicks> sbeattie: all that is left for the gcc pie work is to benchmark a number of programs before the next dev release archive opens? 16:44 <sbeattie> I still want to do a bit more test builds against it to look for build breakages. 16:44 <sbeattie> (as well as the benchmarking, that is) 16:45 <tyhicks> sbeattie: ok - those are two pretty important items so let me know if anything unexpected pops up this week 16:45 <sbeattie> okay 16:46 <tyhicks> sbeattie: we'll try to find someone else to handle any distractions :) 16:46 <tyhicks> I'm handling the community role this week 16:47 <tyhicks> my planned work looks quite a bit like last week 16:47 <tyhicks> Vivid systemd/sbuild/schroot bugs (LP: #1427264) (LP: #1438942) 16:47 <ubottu> Launchpad bug 1427264 in click (Ubuntu) "using ecryptfs, creating frameworks fail to bind mount issues" [High,Triaged] https://launchpad.net/bugs/1427264 16:47 <ubottu> Launchpad bug 1438942 in schroot (Ubuntu) "Host's /dev/shm is mounted over when entering 14.10 and older sbuild schroots" [High,Confirmed] https://launchpad.net/bugs/1438942 16:47 <tyhicks> Restart work on AppArmor kernel keyring mediation for user data encryption 16:47 <tyhicks> Send out the patches to fix bug #1430532 16:47 <ubottu> bug 1430532 in AppArmor "libapparmor needs a public function to break a context into a label and mode" [Medium,In progress] https://launchpad.net/bugs/1430532 16:47 <tyhicks> I worked on those ^ patches yesterday and I hope to send them out shortly 16:48 <tyhicks> that's it for me 16:48 <tyhicks> jjohansen: you're up 16:48 <jdstrand> tyhicks: fyi, I can give an update 16:48 <tyhicks> ok 16:48 <tyhicks> jjohansen: hang on a sec 16:49 <tyhicks> jdstrand: go ahead :) 16:49 <jdstrand> I'm sprinting with the ubuntu core team this week 16:49 <jdstrand> focusing on snappy, specifically seccomp and review tools 16:49 <jdstrand> I think that is it from me 16:50 <tyhicks> jdstrand: thanks! no need to stick around here - get back to the sprint :) 16:50 <tyhicks> jjohansen: go ahead 16:50 <jdstrand> hehe, thanks! :) 16:51 <jjohansen> I'll be getting back to apparmor upstream cleanup again this week. I also have some stuff to do to get ready for the monthly apparmor meeting tomorrow, and an embargoed issue 16:53 <jjohansen> that is it from me sarnold you're up 16:53 <sarnold> I'm on bug triage this week; I'm working on the python-cryptography MIR; perhaps the conntrac MIR, perhaps the outstanding openstack update tests. I may also do some smallish apparmor patch reviews as focus/attention span permits 16:54 <sarnold> that's it for me, chrisccoulson? 16:54 <chrisccoulson> I've got Oxide updates to do this week. I'll also be handling an embargoed issue 16:55 <chrisccoulson> I'm going to spend some time getting Firefox on precise in shape, ready for the next release in a few weeks 16:55 <chrisccoulson> other than that, I'll be working though Oxide bugs as usual 16:56 <tyhicks> chrisccoulson: have you had a chance to get FF building in precise yet? (I don't think you've had much time to work on it) 16:56 <chrisccoulson> tyhicks, I've got it building fine, but without the hardening flags (hardening-wrapper doesn't work, as the new compiler is installed in /usr/lib/gcc-mozilla/bin/g++) 16:57 <tyhicks> ah 16:57 <tyhicks> sounds like nice progress :) 16:57 <tyhicks> [TOPIC] Highlighted packages 16:57 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:58 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:58 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/libnids.html 16:58 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/sanlock.html 16:58 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/krb5.html 16:58 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/pdns.html 16:58 <tyhicks> [TOPIC] Miscellaneous and Questions 16:58 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/getmail4.html 16:58 <tyhicks> Does anyone have any other questions or items to discuss? 17:00 <tyhicks> mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson: Thanks! 17:00 <tyhicks> #endmeeting