16:31 <tyhicks> #startmeeting
16:31 <meetingology> Meeting started Mon Aug  3 16:31:45 2015 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:31 <meetingology> 
16:31 <meetingology> Available commands: action commands idea info link nick
16:31 <mdeslaur> \o
16:32 <tyhicks> The meeting agenda can be found at:
16:32 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:32 <tyhicks> [TOPIC] Announcements
16:32 <tyhicks> Seyeong Kim (xtrusia) provided debdiffs for trusty-wily for pcre3 (LP: #1396768)
16:32 <ubottu> Launchpad bug 1396768 in pcre3 (Ubuntu Vivid) "pcre3 vulnerability CVE-2014, 2015" [Undecided,Fix released] https://launchpad.net/bugs/1396768
16:32 <tyhicks> Your contributions are greatly appreciated! :)
16:32 <tyhicks> [TOPIC] Weekly stand-up report
16:32 <tyhicks> mdeslaur: you're up
16:32 <mdeslaur> I'm out all week as I'm going to a conference
16:33 <mdeslaur> today I'm preparing my travel laptop
16:33 <mdeslaur> that's it from me, sbeattie, you're up
16:33 <sbeattie> I'm taking cve triage for mdeslaur this week, since he's gone and I'll be at a conference next week, when it would be my turn.
16:34 <sbeattie> I'm testing my fix to the apparmor 2.10 regression that prevented it from migrating to wily from proposed
16:34 <sbeattie> I've also got openjdk-6 on my plate this week
16:35 <sbeattie> That's pretty much my priorities for this week. tyhicks, you're up.
16:36 <tyhicks> I'm on community this week
16:36 <tyhicks> I have a couple designs to work on
16:38 <tyhicks> I have an embargoed issue
16:39 <tyhicks> I need to drum up someone to verify the fix for bug #1473584
16:39 <ubottu> bug 1473584 in linux-manta (Ubuntu Vivid) "AUDIT_USER_AVC messages are not printk'ed when auditd is not running" [Undecided,Fix committed] https://launchpad.net/bugs/1473584
16:39 <tyhicks> I think jjohansen is going to help me there if he has a chance
16:39 <jjohansen> sure
16:40 <tyhicks> and I need to finish the fix for a stale dcache issue in eCryptfs reported on Friday
16:40 <tyhicks> shouldn't be much work left there
16:40 <tyhicks> that's it for me
16:40 <tyhicks> jjohansen: you're up
16:40 <jjohansen> I need to finish investigating bind mount issue with apparmor lxd in snappy
16:40 <jjohansen> look into secure exec around the 4.2 rebase of apparmor
16:40 <jjohansen> send some apparmor patches upstream for 4.3
16:40 <jjohansen> still need to finish reviewing the dconf userspace patches
16:40 <jjohansen> continue working on the fix for bug #1448912
16:40 <ubottu> bug 1448912 in AppArmor "BUG: unable to handle kernel NULL pointer dereference (aa_label_merge)" [Medium,Confirmed] https://launchpad.net/bugs/1448912
16:41 <jjohansen> thats it for me sarnold you're up
16:41 <sarnold> I'm on bug triage this week
16:42 <sarnold> I need to have a conversation with till about testing ippusbxd, when doing the mir I wondered if it was working as advertised, and realized that we can't really test this thing end-to-end like we do with most packages
16:43 <sarnold> most of the work with the mir is done, it'd just be useful to have an irc chat with till, rather than back-and-forth over bugmail. oh well, it'll work either way..
16:44 <sarnold> I suspect I'll pick up more MIRs this week, though may do reactive work if needed
16:44 <tyhicks> sarnold: he should be catchable over irc
16:44 <sarnold> and might do an apparmor review or two for a change of pace
16:44 <sarnold> tyhicks: yeah, I suspect summertime has just made it less likely for us to see each other
16:44 * tyhicks nods
16:44 <tyhicks> sarnold: would you be able to publish the openstack updates today?
16:44 <sarnold> tyhicks: sure
16:45 <tyhicks> sarnold: that'll be a huge help - thanks!
16:45 <tyhicks> sarnold: we can sync up afterwards
16:45 <sarnold> it'll feel great have those moving :)
16:45 <tyhicks> Chris is likely having connectivity issues
16:45 <tyhicks> yes
16:45 <tyhicks> I think we're done with stand-up reports
16:45 <tyhicks> [TOPIC] Highlighted packages
16:46 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
16:46 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:46 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/xorg-server-lts-utopic.html
16:46 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/lft.html
16:46 <tyhicks> [TOPIC] Miscellaneous and Questions
16:46 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/libspoon-perl.html
16:46 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/libdancer-perl.html
16:46 <tyhicks> Does anyone have any other questions or items to discuss?
16:46 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/lwipv6.html
16:48 <tyhicks> mdeslaur, sbeattie, jjohansen, sarnold: Thanks!
16:48 <tyhicks> #endmeeting