16:38 <jdstrand> #startmeeting
16:38 <meetingology> Meeting started Mon May  4 16:38:56 2015 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:38 <meetingology> 
16:38 <meetingology> Available commands: action commands idea info link nick
16:39 <jdstrand> The meeting agenda can be found at:
16:39 <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:39 <jdstrand> [TOPIC] Announcements
16:39 <jdstrand> Andreas Cadhalpun (andreas-cadhalpun) provided a debdiff for vivid for ffmpeg (LP: #1436296)
16:39 <ubottu> Launchpad bug 1436296 in ffmpeg (Ubuntu) "FFmpeg security fixes March 2015" [Undecided,Fix released] https://launchpad.net/bugs/1436296
16:39 <jdstrand> Unit 193 (unit193) provided a debdiff for trusty and utopic for icecast2 (LP: #1449771)
16:39 <ubottu> Launchpad bug 1449771 in icecast2 (Ubuntu Vivid) "Multiple CVEs in 2.3.3-2ubuntu1 found in trusty" [Undecided,Confirmed] https://launchpad.net/bugs/1449771
16:39 <jdstrand> Felix Geyer (debfx) provided debdiffs for trusty-vivid for pdns (LP: #1450037)
16:39 <ubottu> Launchpad bug 1450037 in pdns (Ubuntu Vivid) "CVE-2015-1868" [Undecided,Fix released] https://launchpad.net/bugs/1450037
16:40 <jdstrand> Your work is very much appreciated and will keep Ubuntu users secure. Great job! :)
16:40 <jdstrand> [TOPIC] Weekly stand-up report
16:40 <jdstrand> I'll go first
16:40 <jdstrand> I plan to attend UOS, particularly for the core and convergence tracks
16:41 <jdstrand> then I'm working on the seccomp SRU
16:41 <jdstrand> (which is in progress)
16:41 <jdstrand> I've also got an ubuntu-core-security SRU I am preparing
16:42 <jdstrand> and then need to implement something for seccomp policy regeneration on policy updates for ubuntu core
16:42 <jdstrand> and review tools updates for snaps
16:42 <jdstrand> mdeslaur: you're up
16:42 <mdeslaur> I'm in the happy place this week
16:42 <mdeslaur> I have a short week as I'm off on thursday
16:42 <mdeslaur> I'm working on updates, and have a bunch more that are in various stages of testing
16:43 <mdeslaur> that's about it, sbeattie...
16:43 <sbeattie> I'm on community this week.
16:43 <sbeattie> I'll be keeping an eye on UOS as well
16:43 <chrisccoulson> hi :)
16:43 <sbeattie> I need to harangue mdeslaur or jdstrand to sponsor my rsyslog and apparmor SRUs for trusty.
16:44 <sbeattie> I also have a pending apparmor upload for wily when it opens
16:44 <sbeattie> And I need to get on with gcc-pie testing.
16:45 <sbeattie> That's pretty much my week. tyhicks is out, so jjohansen?
16:45 <jjohansen> I have next cycle of kernel sign-offs to do this week
16:46 <jdstrand> sbeattie: are the bugs all ready and you are satisfied with apparmor and rsyslog? I'd be happy to do the pocket copy for you
16:46 <jjohansen> For apparmor I am still cleaning up the domain transition bits and hunting bugs, improving, extending or writing new regression tests around that
16:46 <jdstrand> sbeattie: is the apparmor upload a merge of what went to Debian?
16:46 <jjohansen> jdstrand: infinity will probably do the pocket copy
16:47 <jjohansen> jdstrand: oops sorry, ignore that
16:47 <jdstrand> sorry, I'm asking sbeattie questions during your report
16:47 <jdstrand> I was slow to ask
16:47 * jjohansen missed the sbeattie bit and thought that was a kernel question
16:47 * sbeattie waits for jjohansen to finish
16:47 <jjohansen> heh, well if I had read who you were poking
16:47 <jjohansen> ...
16:48 <jjohansen> sbeattie: go
16:48 <sbeattie> jdstrand: I do need to finish up the paperwork on the SRU bugs.
16:48 <jdstrand> sbeattie: just ping me when you want me to copy to trusty-proposed
16:48 <sbeattie> jdstrand: and I haven't looked at the debian upload, I'll do that as well.
16:48 <jdstrand> sbeattie: what is left on the gcc pie work?
16:49 <jdstrand> sbeattie: are you ready for me to stop firing questions at you?
16:49 <sbeattie> jdstrand: I need to do a few more test rebuilds
16:49 <sbeattie> jdstrand: heh. :)
16:49 <jdstrand> sbeattie: ah good, so then after that, you can hand to doko?
16:49 <jdstrand> sbeattie: or is there more?
16:50 <sbeattie> ah, sorry, one of us needs to do some benchmarking as well.
16:51 <jdstrand> ok
16:51 <jdstrand> seems this week your plate is full for benchmarking. we can circle back around to that when tyler is back
16:52 <sbeattie> okay
16:52 * jdstrand is done firing questions at sbeattie
16:52 <jdstrand> sbeattie: thanks :)
16:53 <jdstrand> jjohansen: ok, feel free to proceed. that said, I have a question for you already
16:54 <jjohansen> jdstrand: fire
16:54 <jdstrand> is the 'cleaning up the domain transition bits' part of the upstreaming work?
16:54 <jjohansen> I think so
16:55 <jdstrand> ok, good. we'll (and this is for all of the team, not just you/the upstreaming work) need to come up with a plan after tyler gets back for what to focus on
16:55 <jdstrand> for the cycle
16:56 <jjohansen> ack
16:56 <jdstrand> obviously, the upstreaming work is important-- I'd just like to map everything all out
16:56 <jdstrand> pull people in, etc
16:56 <jdstrand> anyhoo-- that isn't a question-- just me commenting
16:56 <jdstrand> jjohansen: please proceed :)
16:57 <jjohansen> well thats it for me :), sarnold you are up
16:57 <sarnold> I'm on CVE triage this week; I'll also be checking in on UOS; I'll also be working on testing openstack updates
16:58 <jdstrand> sarnold: how are the openstack updates going? I saw the question to beisner. are you unblocked?
16:59 <sarnold> jdstrand: no, his answer is helpful but it doesn't really provide an immediate "do this" kind of answer; the mysql charm bug is https://bugs.launchpad.net/charms/+source/mysql/+bug/1423153 and I didn't see any discussion how to retrieve the password via the juju relations, and I don't know why a five or six week old fix isn't working..
17:00 <ubottu> Launchpad bug 1423153 in percona-cluster (Juju Charms Collection) "/var/lib/mysql/mysql.passwd no longer exist" [High,Fix released]
17:00 <jdstrand> sarnold: ok, can you follow up with them on irc outside of the meeting?
17:01 <sarnold> jdstrand: I've asked for information on the bug to find out what the right answer is for finding the password.. if they report back that the answer is to use the relatin-get mechanism, then I think I'm going to file a ahndful of bugs on documentations and go annoy jcastro's stackoverflow answers..
17:01 <jdstrand> and let me know how I can help unblock you
17:01 <sarnold> jdstrand: thanks
17:01 <sarnold> I think that's it for me, chrisccoulson ?
17:01 <jdstrand> that all sounds fine, but let's also make sure we are moving forward
17:02 <chrisccoulson> so, it's a short week for me this week. I shall be hoping that I don't have to deal with any more issues on arale, so I can get planned work done :)
17:02 <jdstrand> (which, you are doing the right thing, just want to make sure we don't stall out on email/bug reports/etc)
17:02 <chrisccoulson> I'm going to be working through code reviews (doing the camera branch right now)
17:02 <chrisccoulson> and I want to get https://code.launchpad.net/~chrisccoulson/oxide/media-permissions in to a state where it can land too
17:03 <jdstrand> those kinda go hand in hand, right?
17:03 <chrisccoulson> Sort of - camera works on the desktop already (with the permissions branch)
17:04 * jdstrand nods
17:04 <jdstrand> is arale looking ok now?
17:04 <chrisccoulson> It is. Nobody has pinged me today anyway :)
17:05 <jdstrand> well, that's a start :)
17:05 <jdstrand> are there any browser/oxide UOS meetings?
17:05 <jdstrand> s/meetings/sessions/
17:05 <chrisccoulson> I also got Firefox 38 building on precise last week with the updated compiler (see gcc-mozilla and hardening-wrapper in https://launchpad.net/~ubuntu-mozilla-security/+archive/ubuntu/ppa and firefox in https://launchpad.net/~ubuntu-mozilla-security/+archive/ubuntu/ppa).
17:05 <chrisccoulson> That seems to be working ok :)
17:05 <chrisccoulson> UOS - I'm not sure about that. I haven't checked the schedule
17:05 <chrisccoulson> I've not scheduled anything
17:06 <chrisccoulson> Firefox 38 is next week btw
17:06 <chrisccoulson> I think that's me done
17:06 <jdstrand> if you could keep an eye out for meetings wrt that, that would be great. if you need one of us to attend in your absence, let us know
17:07 <jdstrand> chrisccoulson: ^
17:07 <jdstrand> [TOPIC] Highlighted packages
17:07 <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
17:07 <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
17:07 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/k4dirstat.html
17:07 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/qpid-python.html
17:07 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/novnc.html
17:08 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/gcc-arm-none-eabi.html
17:08 <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/python-restkit.html
17:08 <jdstrand> [TOPIC] Miscellaneous and Questions
17:08 <jdstrand> Does anyone have any other questions or items to discuss?
17:09 <jdstrand> mdeslaur, sbeattie, jjohansen, sarnold, chrisccoulson: thanks!
17:09 <jdstrand> #endmeeting