== Meeting information == * #ubuntu-meeting Meeting, 18 May at 16:38 — 17:03 UTC * Full logs at [[http://ubottu.com/meetingology/logs/ubuntu-meeting/2015/ubuntu-meeting.2015-05-18-16.38.log.html]] == Meeting summary == ''LINK:'' https://wiki.ubuntu.com/SecurityTeam/Meeting === Weekly stand-up report === The discussion about "Weekly stand-up report" started at 16:38. === Highlighted packages === The discussion about "Highlighted packages" started at 17:01. * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/autojump.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/ganeti.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/davfs2.html === Miscellaneous and Questions === The discussion about "Miscellaneous and Questions" started at 17:02. * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/libtar.html * ''LINK:'' http://people.canonical.com/~ubuntu-security/cve/pkg/rawtherapee.html == Vote results == == Done items == * (none) == People present (lines said) == * tyhicks (29) * sbeattie (11) * jdstrand (9) * jjohansen (5) * sarnold (4) * chrisccoulson (4) * meetingology (3) * ubottu (2) == Full Log == 16:38 #startmeeting 16:38 Meeting started Mon May 18 16:38:31 2015 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:38 16:38 Available commands: action commands idea info link nick 16:38 The meeting agenda can be found at: 16:38 [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:38 [TOPIC] Weekly stand-up report 16:38 jdstrand: you're up 16:45 hi! 16:45 sorry 16:45 so, this week I am working on planning out our work 16:45 I finished up the libseccomp SRU and it is just waiting for the week to pass 16:46 I need to get back to seccomp policy updates on snappy and review tools work 16:47 I'm also working on getting core and touch security support nailed down, so then we can define our processes, update tools, etc 16:47 that's it from me 16:48 sbeattie: you're up 16:48 I'm on cve triage this week. 16:48 The rsyslog trusty SRU I did was released to trusty-updates. 16:48 My wily apparmor upload is still waiting to migrate from wily-proposed but is blocked on bogus test failures in other packages. I made 16:48 a query in #ubuntu-release but got no response. 16:48 I've finished the paperwork for the trusty apparmor SRU, I just need to bug someone to copy it over from the security-proposed ppa to the trusty-proposed queue. 16:48 someone == jdstrand :) 16:49 I have some upstream apparmor patches to review for an impending 2.10 release, which is needed for the planned systemd apparmor integration. 16:49 I think I can finally get back the gcc-pie work this week 16:49 That's pretty much it for me. tyhicks: you're up. 16:50 I'm in the happy place this week 16:50 I have more to do around team work planning 16:51 add kernel keyring mediation support to AppArmor parser 16:51 revive patch security updates 16:51 Send proposed fix for bug #1427264 to upstream schroot 16:51 bug 1427264 in schroot (Ubuntu) "using ecryptfs, creating frameworks fail to bind mount issues" [High,In progress] https://launchpad.net/bugs/1427264 16:51 Come up with a fix for bug #1438942 16:51 bug 1438942 in schroot (Ubuntu) "Host's /dev/shm is mounted over when entering 14.10 and older sbuild schroots" [High,In progress] https://launchpad.net/bugs/1438942 16:51 sbeattie: 2.8.95~2430-0ubuntu5.2 to trusty-proposed? 16:51 embargoed issue 16:51 jdstrand: yes, indeed. 16:52 sbeattie: done 16:52 jdstrand: thanks! 16:52 that's it for me 16:52 jjohansen: you're up 16:52 well I have the next round of kernel security sign-offs to finish up this morning 16:53 I have my patchset for upstream that I didn't quite finish up with last week to finish off with 16:54 and then its back to rest of the cleanup, for upstreaming 16:55 oh and I will be synching up on the dconf work, I'm not sure what is there but there will be some time on that 16:56 thats it for me sarnold you're up 16:56 I'm on community this week; there's still some outstanding sync matches in d2u. I don't think I'll try tackling any of the merge matches this week though. 16:57 I'll also be working on tracking down our current status with openstack CVEs, some are silently fixed by server-team updates along the way, some are still outstanding. 16:57 I may also sneak in an apparmor patch review or two for variety. 16:57 that's it for me, chrisccoulson? 16:58 I'm just doing the thunderbird publication, which is my only planned update for this week \o/ 16:58 nice :) 16:59 I got through some reviews last week. I plan to get https://code.launchpad.net/~osomon/oxide/context-menu/+merge/257351 done and also look at the branches that have been updated since I commented on them 16:59 Other than that, I'll be working through whatever I can get done on https://launchpad.net/oxide/+milestone/branch-1.8 17:00 I think that's me done 17:01 thanks 17:01 [TOPIC] Highlighted packages 17:01 The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 17:01 See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 17:02 http://people.canonical.com/~ubuntu-security/cve/pkg/autojump.html 17:02 http://people.canonical.com/~ubuntu-security/cve/pkg/ganeti.html 17:02 http://people.canonical.com/~ubuntu-security/cve/pkg/davfs2.html 17:02 [TOPIC] Miscellaneous and Questions 17:02 http://people.canonical.com/~ubuntu-security/cve/pkg/libtar.html 17:02 http://people.canonical.com/~ubuntu-security/cve/pkg/rawtherapee.html 17:02 Does anyone have any other questions or items to discuss? 17:03 jdstrand, sbeattie, jjohansen, sarnold, ChrisCoulson: Thanks! 17:03 #endmeeting Generated by MeetBot 0.1.5 (http://wiki.ubuntu.com/meetingology)