16:33 <tyhicks> #startmeeting 16:33 <meetingology> Meeting started Mon Apr 20 16:33:15 2015 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:33 <meetingology> 16:33 <meetingology> Available commands: action commands idea info link nick 16:33 <chrisccoulson> hi 16:33 <tyhicks> The meeting agenda can be found at: 16:33 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:33 <tyhicks> [TOPIC] Weekly stand-up report 16:33 <tyhicks> jdstrand: you're up 16:38 <jdstrand> ]sorry 16:38 <jdstrand> this week is again, snappy focused 16:39 <jdstrand> I plan on working on finalizing the seccomp glue layer today and test the applied policies, updating ubuntu-core-security as necessary 16:40 <jdstrand> I also need a piece for updating the already generated policies when ubuntu-core-security-seccomp is updated (like we do with apparmor-easyprof-ubuntu) 16:41 <jdstrand> I made a change to snappy for updating dbus bus policy last week and need to make a change to snappy build to make it fail if the package.yaml is malformed when bus-name is specified 16:41 <jdstrand> (not apparmor related) 16:41 <jdstrand> then review tools 16:41 <tyhicks> whew 16:41 <tyhicks> lots of stuff :) 16:42 <jdstrand> yeah 16:42 <jdstrand> that's it from me 16:42 <tyhicks> mdeslaur: you're up 16:42 <mdeslaur> I just published some php5 updates 16:42 <mdeslaur> and am currently working on new mysql versions 16:42 <mdeslaur> after that, I'll be going down the list, there's stuff piling up 16:43 <mdeslaur> that's pretty much it...oh, I am on bug triage this week 16:43 <mdeslaur> that's it for me, sbeattie, tag, you're it. 16:43 <sbeattie> I'm on cve triage this week 16:44 <sbeattie> I'm finishing up openjdk testing, though I've hit a small snag where the icedtea plugin isn't working in my test environment on trusty/i386 (but other i386 and trusty/amd64 worked fine), so I need to dig in a bit to what's going on there 16:45 <sbeattie> I also need to finish releasing apaprmor 2.9.2 and merge the python bits into my in progress trusty sru. 16:45 <sbeattie> and also continue the gcc-pie work 16:45 <sbeattie> that's my week. tyhicks? 16:46 <tyhicks> I'm in the happy place this week 16:46 <tyhicks> I'm going to review the snappy launcher code 16:46 <tyhicks> I'll also review some snippets at the request of IS 16:46 <tyhicks> still need to revisit the Vivid systemd/sbuild/schroot bugs (LP: #1427264) (LP: #1438942) 16:46 <ubottu> Launchpad bug 1427264 in click (Ubuntu) "using ecryptfs, creating frameworks fail to bind mount issues" [High,Triaged] https://launchpad.net/bugs/1427264 16:46 <ubottu> Launchpad bug 1438942 in schroot (Ubuntu) "Host's /dev/shm is mounted over when entering 14.10 and older sbuild schroots" [High,Confirmed] https://launchpad.net/bugs/1438942 16:46 <tyhicks> and still need to restart work on AppArmor kernel keyring mediation for user data encryption 16:47 <tyhicks> that's it for me 16:47 <tyhicks> jjohansen: you're up 16:48 <jjohansen> I'm working on the apparmor upstream cleanup again this week. I'll kick in any help on 2.9.2 and 2.10 that sbeattie needs 16:48 <jjohansen> and I have some kernel sru prep for the current release cycle 16:49 <tyhicks> nice 16:49 <tyhicks> sounds like you'll get some time to focus on the upstreaming effort this week 16:50 <jjohansen> yes 16:50 <jjohansen> I think that is it for me sarnold you are up 16:51 <sarnold> I'm on community this week 16:52 <sarnold> I'm going to be continuing my travels through openstack country, my travelogues will be for sale in the gift shop.. 16:52 <sarnold> I'll also try to do some minor apparmor patch reviews as interest allows 16:52 <sarnold> that's it for me, chrisccoulson? 16:53 <tyhicks> sarnold: last week you mentioned the conntrack mir 16:53 * tyhicks checks on the status 16:53 <chrisccoulson> This week, I've probably got a firefox update. I also need to get oxide 1.6 out 16:53 <tyhicks> (LP: #1381450) 16:54 <ubottu> Launchpad bug 1381450 in conntrack (Ubuntu) "[MIR] conntrack, libnetfilter-queue, libnetfilter-cttimeout, libnetfilter-cthelper" [Medium,Confirmed] https://launchpad.net/bugs/1381450 16:54 <chrisccoulson> I'll be spending some time to work through code reviews 16:54 <sarnold> tyhicks: yeah, I didn't get to it, and I suspect it's too late for this cycle at this point; if you think it isn't, I'd be happy to pick it up asap.. 16:54 <chrisccoulson> other than that, I'm working through the list of bugs as usual 16:54 <chrisccoulson> That's me done 16:54 <tyhicks> sarnold: ok, we'll discuss it a little more afterwards 16:56 <tyhicks> [TOPIC] Highlighted packages 16:57 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:57 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:57 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/libxml-security-java.html 16:57 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/mediawiki-extensions.html 16:57 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/maven-indexer.html 16:57 <tyhicks> [TOPIC] Miscellaneous and Questions 16:57 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/unace.html 16:57 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/not-yet-commons-ssl.html 16:57 <tyhicks> Does anyone have any other questions or items to discuss? 16:58 <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson: Thanks! 16:58 <tyhicks> #endmeeting