#ubuntu-meeting log

16:39 <tyhicks> #startmeeting
16:39 <meetingology> Meeting started Mon Jan  4 16:39:32 2016 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:39 <meetingology> 
16:39 <meetingology> Available commands: action commands idea info link nick
16:39 <tyhicks> The meeting agenda can be found at:
16:39 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:39 <tyhicks> [TOPIC] Announcements
16:39 <tyhicks> Bryan Quigley (gQuigs) provided a debdiff for trusty for cups (LP: #1505328)
16:39 <ubottu> Launchpad bug 1505328 in cups (Ubuntu Trusty) "Cups SSL is vulnerable to POODLE" [High,Fix released] https://launchpad.net/bugs/1505328
16:39 <tyhicks> Stefan Bader (smb) provided debdiffs for precise-wily for xen
16:40 <tyhicks> Louis Bouchard (caribou) provided debdiffs for trusty-wily for sosreport (LP: #1525271)
16:40 <ubottu> Launchpad bug 1525271 in sosreport (Ubuntu Wily) "CVE-2015-7529 needs to be backported to supported releases" [High,Fix released] https://launchpad.net/bugs/1525271
16:40 <tyhicks> Thank you for your assistance in keeping Ubuntu users secure! :)
16:40 <tyhicks> [TOPIC] Weekly stand-up report
16:40 <tyhicks> mdeslaur: you're up
16:40 <mdeslaur> \o
16:40 <mdeslaur> I'm on triage this week
16:41 <mdeslaur> I'm currently working on the samba updates
16:41 <mdeslaur> I plan on releasing those probably this week
16:41 <mdeslaur> and I have some other updates in the security team proposed ppa that need testing
16:41 <mdeslaur> and I'll see if I can pick something else from the list after that
16:41 <mdeslaur> that's pretty much it from me, sbeattie?
16:42 <tyhicks> I don't think he's in yet so I'll go
16:42 <tyhicks> I'm in the community role this week
16:42 <tyhicks> I have a lot of email catchup to do from the holidays (as I'm sure we all do)
16:43 <mdeslaur> ctrl-a, del
16:43 <tyhicks> after that, I plan on helping jjohansen with the AppArmor stacking work
16:43 <tyhicks> :)
16:44 <tyhicks> I'd also like to spend a little bit of time looking at rngd and if it works to seed /dev/random with the hwrng on the beagle bone black
16:44 <jjohansen> well right up until you get to that third email ...
16:44 <tyhicks> jjohansen: you're up
16:45 <jjohansen> I will be looking at (drowning in) the email backlog as well
16:46 <jjohansen> besides that it doing AppArmor stacking work
16:46 <jjohansen> well and I guess syncing up with sbeattie and the kteam on where the kernel is
16:46 <jjohansen> s/kernel/kernel workflow/
16:47 <jjohansen> that is it for me sarnold you are up
16:47 <sarnold> I'm on bug triage this week
16:47 <sarnold> also digging my way out of email
16:48 <sarnold> will continue the dpdk mir this week, aiming to finish it soon
16:48 <sarnold> will help out with apparmor kernel patch review once that's finished
16:48 <sarnold> and learn how to speak in complete sentences next week
16:49 <sarnold> chrisccoulson?
16:49 <tyhicks> jjohansen: do we have any pending apparmor kernel patch reviews to be done?
16:49 <chrisccoulson> I've got a thunderbird update to do this week. And it looks like Oxide and Chromium too
16:49 <mdeslaur> oh forgot to mention. because of my two-week holiday, I completely forgot how debian packaging works.
16:49 <tyhicks> I thought I went through all pending patches in the last working week of 2015
16:49 <jjohansen> tyhicks: no, I think you covered it all
16:49 <tyhicks> sarnold: fyi ^
16:49 <sarnold> oh hooray :)
16:50 <jjohansen> of course since sarnold has so much fun with them ...
16:50 <tyhicks> chrisccoulson: sorry, go ahead :)
16:50 <chrisccoulson> Other than that, I'll be working through my e-mail backlog (well,  ctrl+a, del) and doing some reviews
16:50 <chrisccoulson> I think that's me done
16:51 <tyhicks> chrisccoulson: lots of updates :)
16:52 <tyhicks> mdeslaur: impressive that you can remember how debian packaging works across the weekends
16:52 <tyhicks> [TOPIC] Highlighted packages
16:52 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
16:52 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:52 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/jgit.html
16:52 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/openjpa.html
16:52 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/gcc-h8300-hms.html
16:52 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/gcc-4.8-ppc64el-cross.html
16:52 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/doctrine.html
16:52 <tyhicks> [TOPIC] Miscellaneous and Questions
16:52 <tyhicks> Does anyone have any other questions or items to discuss?
16:53 <dholbach> just because you mentioned highlighted packages... maybe somebody could take a look at bug 1528682? I saw it in the sponsoring queue today
16:53 <ubottu> bug 1528682 in ffmpeg (Ubuntu) "FFmpeg security fixes December 2015 II" [Medium,New] https://launchpad.net/bugs/1528682
16:54 <dholbach> but it's not a real discussion item... :)
16:55 <tyhicks> dholbach: thanks - I'll have a look this week as part of the community role rotation that I'm on
16:55 <dholbach> awesome - thanks
16:55 <tyhicks> mdeslaur, jjohansen, sarnold, ChrisCoulson: Thanks!
16:55 <tyhicks> #endmeeting