16:32 <tyhicks> #startmeeting 16:32 <meetingology> Meeting started Mon Jul 27 16:32:05 2015 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. 16:32 <meetingology> 16:32 <meetingology> Available commands: action commands idea info link nick 16:32 <tyhicks> The meeting agenda can be found at: 16:32 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting 16:32 <tyhicks> [TOPIC] Weekly stand-up report 16:32 <tyhicks> jdstrand: you're up 16:33 <jdstrand> this week I'm focusing on openstack updates 16:33 <jdstrand> swift testsuite issues on precise are resolved 16:33 <jdstrand> I think trusty may have an issue in the functional tests. I will be testing swift and adjusting trusty as necessary 16:33 <jdstrand> I'll also be testing cinder, python-keystoneclient and python-keystonemiddleware 16:34 <jdstrand> (the last two I hadn't claimed until just now) 16:34 <jdstrand> that leaves horizon, keystone and nova. I think someone else has horizon. If I have time I'll look at keystone and nova and comment on precise 16:34 <jdstrand> beyond that, I have some embargoed issues 16:35 <jdstrand> I'm also off all next week 16:35 <jdstrand> mdeslaur: you're up 16:35 <mdeslaur> I'm in the happy place this week 16:35 <mdeslaur> I'm currently testing apache2 updates that should get published today if all goes well 16:36 <mdeslaur> after that, I have a qemu update I'm working on, and have to test pcre3, sqlite3 and tidy 16:36 <mdeslaur> and I also have an embargoed issue 16:36 <mdeslaur> that's it for me, sbeattie, you're up 16:36 <sbeattie> I'm on community this week 16:37 <sbeattie> I'm working on testing lxc against my apparmor 2.10 packages, it's the last bit of testing I need to do before pushing for sponsorship 16:37 <sbeattie> I also need to test the openjdk-7 packages I've prepared, and discuss with do ko openjdk-6. 16:38 <sbeattie> After that, I'll look at what's next on the priority list. 16:38 <sbeattie> That's pretty much it for me, tyhicks? 16:39 * doko is adding another word to high light 16:39 <sbeattie> hehe 16:39 <tyhicks> I'm on bug triage this week 16:39 <tyhicks> I have a couple embargoed issues 16:40 <tyhicks> I still need to review the kdbus LSM hook patch set 16:41 <tyhicks> I'm currently putting the final touches on a fix for bug #1470030 and then I'll submit that upstream 16:41 <ubottu> bug 1470030 in ecryptfs-utils (Ubuntu) "encrypted home is not being unmounted upon logout" [Medium,Confirmed] https://launchpad.net/bugs/1470030 16:41 <tyhicks> sorry, that's the wrong bug 16:41 <tyhicks> bug #1438942 is the correct one 16:41 <ubottu> bug 1438942 in schroot (Ubuntu) "Host's /dev/shm is mounted over when entering 14.10 and older sbuild schroots" [High,In progress] https://launchpad.net/bugs/1438942 16:42 <tyhicks> I also still need to verify the auditing bug fix in the phone kernels 16:42 <tyhicks> that's it for me 16:42 <tyhicks> sbeattie: you're up 16:43 <tyhicks> err 16:43 <tyhicks> jjohansen: you're up 16:43 <jjohansen> I'm sure sbeattie will be thrilled to get a second go 16:43 <tyhicks> :) 16:43 <jjohansen> :) 16:44 <jjohansen> I have some USNs to publish 16:45 <jjohansen> and then I need to get back to the dbus review, fixing a couple kernel bugs 16:45 <jdstrand> do you mean dconf? 16:45 <tyhicks> dbus review? 16:45 <jjohansen> bug #1448912 in particular, as it seems to be poping all to much 16:45 <ubottu> bug 1448912 in AppArmor "BUG: unable to handle kernel NULL pointer dereference (aa_label_merge)" [Medium,Confirmed] https://launchpad.net/bugs/1448912 16:46 <jjohansen> jdstrand: oops yes, dconf (I'll blame monday morning) 16:47 <jjohansen> and of course, I still need to submit some patches upstream, and get back to the rest of the upstream cleanup work 16:48 <jjohansen> oh, and I need to do some more digging on a couple of aspects of the 4.2 kernel rebase, there was specifically some changes around secure exec that deserve a second look 16:49 <jjohansen> I think that is it for me sarnold, you're up 16:49 <sarnold> I'm on CVE triage this week 16:50 <sarnold> I finished the ppc64-diag reviews last week; tyhicks, would you like me to pick up another MIR or pick up a reactive update? 16:51 <tyhicks> sarnold: gut feeling is another MIR but lets talk after the meeting 16:51 <sarnold> alright, no real rush, cve triage takes fo r ever anyway :) 16:51 <sarnold> chrisccoulson? :) 16:51 <chrisccoulson> It's a short week for me this week 16:52 <chrisccoulson> I hope to get Oxide and Chromium out, and work through some of my review queue 16:52 <chrisccoulson> That's me done I think 16:53 <tyhicks> thanks! 16:53 <tyhicks> [TOPIC] Highlighted packages 16:53 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. 16:53 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. 16:53 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/gcc-h8300-hms.html 16:53 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/ruby-parser.html 16:53 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/dhcpcd.html 16:53 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/syslog-ng.html 16:53 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/ha.html 16:53 <tyhicks> [TOPIC] Miscellaneous and Questions 16:53 <tyhicks> Does anyone have any other questions or items to discuss? 16:55 <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson: Thanks! 16:55 <tyhicks> #endmeeting