16:37 #startmeeting 16:37 Meeting started Mon Apr 13 16:37:03 2015 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:37 16:37 Available commands: action commands idea info link nick 16:37 The meeting agenda can be found at: 16:37 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:37 hi 16:37 [TOPIC] Announcements 16:38 Johan Van de Wauw (johanvdw) provided debdiffs for trusty-vivid for freexl (LP: #1437087) 16:38 Launchpad bug 1437087 in freexl (Ubuntu) "Multiple vulnerabilities in freexl 1.0.0" [Undecided,Fix released] https://launchpad.net/bugs/1437087 16:38 Thomas Ward (teward) provided a debdiff for utopic for wireshark (LP: #1440202) 16:38 Launchpad bug 1440202 in wireshark (Ubuntu Trusty) "[Security] April 3 2015 - 6 New CVEs affect Wireshark" [Medium,Confirmed] https://launchpad.net/bugs/1440202 16:38 Stefan Bader (smb) provided debdiffs for trusty and utopic for xen 16:38 Your work is very much appreciated and will keep Ubuntu users secure. Great job! :) 16:38 [TOPIC] Weekly stand-up report 16:39 jdstrand: I think you're busy right now so we're going to skip ahead to mdeslaur 16:39 \o 16:39 I'm on triage this week 16:39 and I have a half-day off on wednesay 16:39 I just published some tasty and delicious ntp updates 16:39 and I'm currently testing a bunch of libx11-related updates 16:40 I have an embargoed issue to release tomorrow also 16:40 and a few more things to work on after that 16:40 that's about it, sbeattie, you're up 16:40 I'm in the happy place this week 16:41 I'm trying to review apparmor patches and pull things together for a trusty SRU and 2.9.2 release (to base the python utils in the SRU off of) 16:42 very nice 16:42 I've also again got gcc pie on my plate 16:42 that's the plan for this week. tyhicks? 16:43 sbeattie: all that is left for the gcc pie work is to benchmark a number of programs before the next dev release archive opens? 16:44 I still want to do a bit more test builds against it to look for build breakages. 16:44 (as well as the benchmarking, that is) 16:45 sbeattie: ok - those are two pretty important items so let me know if anything unexpected pops up this week 16:45 okay 16:46 sbeattie: we'll try to find someone else to handle any distractions :) 16:46 I'm handling the community role this week 16:47 my planned work looks quite a bit like last week 16:47 Vivid systemd/sbuild/schroot bugs (LP: #1427264) (LP: #1438942) 16:47 Launchpad bug 1427264 in click (Ubuntu) "using ecryptfs, creating frameworks fail to bind mount issues" [High,Triaged] https://launchpad.net/bugs/1427264 16:47 Launchpad bug 1438942 in schroot (Ubuntu) "Host's /dev/shm is mounted over when entering 14.10 and older sbuild schroots" [High,Confirmed] https://launchpad.net/bugs/1438942 16:47 Restart work on AppArmor kernel keyring mediation for user data encryption 16:47 Send out the patches to fix bug #1430532 16:47 bug 1430532 in AppArmor "libapparmor needs a public function to break a context into a label and mode" [Medium,In progress] https://launchpad.net/bugs/1430532 16:47 I worked on those ^ patches yesterday and I hope to send them out shortly 16:48 that's it for me 16:48 jjohansen: you're up 16:48 tyhicks: fyi, I can give an update 16:48 ok 16:48 jjohansen: hang on a sec 16:49 jdstrand: go ahead :) 16:49 I'm sprinting with the ubuntu core team this week 16:49 focusing on snappy, specifically seccomp and review tools 16:49 I think that is it from me 16:50 jdstrand: thanks! no need to stick around here - get back to the sprint :) 16:50 jjohansen: go ahead 16:50 hehe, thanks! :) 16:51 I'll be getting back to apparmor upstream cleanup again this week. I also have some stuff to do to get ready for the monthly apparmor meeting tomorrow, and an embargoed issue 16:53 that is it from me sarnold you're up 16:53 I'm on bug triage this week; I'm working on the python-cryptography MIR; perhaps the conntrac MIR, perhaps the outstanding openstack update tests. I may also do some smallish apparmor patch reviews as focus/attention span permits 16:54 that's it for me, chrisccoulson? 16:54 I've got Oxide updates to do this week. I'll also be handling an embargoed issue 16:55 I'm going to spend some time getting Firefox on precise in shape, ready for the next release in a few weeks 16:55 other than that, I'll be working though Oxide bugs as usual 16:56 chrisccoulson: have you had a chance to get FF building in precise yet? (I don't think you've had much time to work on it) 16:56 tyhicks, I've got it building fine, but without the hardening flags (hardening-wrapper doesn't work, as the new compiler is installed in /usr/lib/gcc-mozilla/bin/g++) 16:57 ah 16:57 sounds like nice progress :) 16:57 [TOPIC] Highlighted packages 16:57 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:58 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:58 http://people.canonical.com/~ubuntu-security/cve/pkg/libnids.html 16:58 http://people.canonical.com/~ubuntu-security/cve/pkg/sanlock.html 16:58 http://people.canonical.com/~ubuntu-security/cve/pkg/krb5.html 16:58 http://people.canonical.com/~ubuntu-security/cve/pkg/pdns.html 16:58 [TOPIC] Miscellaneous and Questions 16:58 http://people.canonical.com/~ubuntu-security/cve/pkg/getmail4.html 16:58 Does anyone have any other questions or items to discuss? 17:00 mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson: Thanks! 17:00 #endmeeting