16:33 <tyhicks> #startmeeting 16:33 <meetingology> Meeting started Mon Jun 15 16:33:03 2015 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:33 <meetingology> 16:33 <meetingology> Available commands: action commands idea info link nick 16:33 <jjohansen> o/ 16:33 <tyhicks> The meeting agenda can be found at: 16:33 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:33 <tyhicks> [TOPIC] Announcements 16:33 <tyhicks> Thanks to LocutusOfBorg for help on security updates for the community supported gnutls28 (LP: #1326779) last week. Your work is very much appreciated and will keep Ubuntu users secure. Great job! :) 16:33 <ubottu> Launchpad bug 1326779 in gnutls28 (Ubuntu) "libgnutls28 appears to not have been updated for CVE-2014-3466 in Trusty" [Critical,Fix released] https://launchpad.net/bugs/1326779 16:33 <tyhicks> [TOPIC] Weekly stand-up report 16:33 <tyhicks> jdstrand: you're up 16:34 <jdstrand> hello 16:34 <jdstrand> I have two embargoed issues I am working on 16:34 <jdstrand> work planning with tyhicks 16:34 <jdstrand> if those don't consume all of my time, finally start on seccomp policy regeneration on upgrade 16:35 <jdstrand> and keep working on security update processes for readonly images 16:35 <jdstrand> mdeslaur: you're up 16:35 <mdeslaur> I'm working on wpa updates 16:35 <mdeslaur> and an embargoed issue 16:35 <mdeslaur> and will be going down the list after that 16:35 <mdeslaur> I'm on bug triage this week too 16:35 <mdeslaur> that's it for me, sbeattie, you're up 16:36 <sbeattie> I'm on CVE triage this week 16:37 <sbeattie> The trusty apparmor SRU just needs to be promoted to trusty-updates, I am prodding the SRU team to do that. 16:37 <tyhicks> nice 16:38 <sarnold> nice :) thanks! 16:38 <sbeattie> I'm going to work on the gcc-pie stuff next, while looking at some more of the apparmor patches that have accumulated in the meantime. 16:38 <sbeattie> And that will probably consume my week 16:38 <sbeattie> tyhicks: you're up 16:39 <tyhicks> I'm in the happy place this week 16:39 <tyhicks> I am working on an embargoed item 16:39 <tyhicks> I need to finish up my patch update testing and publish those updates 16:40 <tyhicks> continue apparmor list communications to identify and finish up the final patches for the 2.10 release 16:40 <tyhicks> that's it for now 16:40 <tyhicks> jjohansen: you're up 16:41 <jjohansen> I am going to be finishing up my dconf review and spending some time discussing that 16:42 <jjohansen> that is dconf apparmor work 16:42 <jjohansen> I need to do what ever is needed to help push through the caching api patches 16:43 <jjohansen> I have some revision to do on a couple patches for 2.10 16:44 <jjohansen> I need to open up the start of the next kernel update cycle 16:44 <jjohansen> I have the backport for bug 1460152 to finish up and test 16:45 <ubottu> bug 1460152 in Snappy "apparmor cache not updated when apparmor.d rules change (breaks 15.04/stable -> 15.04/edge updates)" [Critical,In progress] https://launchpad.net/bugs/1460152 16:46 <jjohansen> I have an apparmor kernel bug (that I have lost atm) to triage 16:47 <jjohansen> I have a few patches to push out to the kernel team 16:47 <jjohansen> a small pull request to pull together and send upstream 16:48 <jjohansen> and then perhaps I can get back to the rest of the upstream cleanup 16:48 <tyhicks> lots of stuff on your todo list this week 16:48 <tyhicks> too much, probably 16:48 <tyhicks> once I get through some of mine, I'll check in to see if I can help out 16:48 <sbeattie> yeah, just thinking the same. 16:49 <tyhicks> jjohansen: should I take over the backporting for bug 1460152? 16:49 <ubottu> bug 1460152 in Snappy "apparmor cache not updated when apparmor.d rules change (breaks 15.04/stable -> 15.04/edge updates)" [Critical,In progress] https://launchpad.net/bugs/1460152 16:49 <tyhicks> I'm now very familiar with that part of the parser 16:49 <sarnold> heh 16:50 <jjohansen> tyhicks: nah, I am basically done with it, there is a bit I need to figure out/verify but was feeling too stupid at 3am this morning. You can review and test if you want 16:50 <tyhicks> ok 16:50 <tyhicks> then maybe I can help with the ubuntu kernel pull requests 16:50 <tyhicks> we'll talk about it later 16:50 <jjohansen> tyhicks: sure 16:51 <tyhicks> sarnold: go ahead 16:51 <sarnold> I'm on community this week; I'm also going to brain-dump what I learned working with canonistack, I think I'm nearing the end of the openstack issues re-triaging, and will return to MIR auditing 16:51 <sarnold> I'll also try to pick up an apparmor patch review here or there 16:52 <sarnold> I think that's it for me, chrisccoulson? 16:52 <mdeslaur> does that mean we're getting openstack updates soon? 16:52 <chrisccoulson> This week, I'll be spending some time getting through code reviews 16:53 <tyhicks> mdeslaur: it doesn't 16:53 <tyhicks> mdeslaur: I think someone else (possibly me) will try to pick them up after the brain dump 16:54 <chrisccoulson> I'll also be picking off other bugs on https://launchpad.net/oxide/+milestone/branch-1.9, although I'm not sure which ones I'll do this week yet 16:54 <chrisccoulson> And I also plan to get ubufox in to a reviewable state so that we can get it signed 16:56 <chrisccoulson> I think that's me done 16:57 <tyhicks> thanks 16:57 <tyhicks> [TOPIC] Highlighted packages 16:57 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:57 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:57 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/ltp.html 16:58 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/libcgi-application-perl.html 16:58 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/gif2png.html 16:58 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/openvswitch.html 16:58 <tyhicks> [TOPIC] Miscellaneous and Questions 16:58 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/libphp-adodb.html 16:58 <tyhicks> Does anyone have any other questions or items to discuss? 17:00 <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson: Thanks! 17:00 <tyhicks> #endmeeting