16:34 <tyhicks> #startmeeting
16:34 <meetingology> Meeting started Mon Apr 18 16:34:00 2016 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:34 <meetingology> 
16:34 <meetingology> Available commands: action commands idea info link nick
16:34 <tyhicks> The meeting agenda can be found at:
16:34 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:34 <tyhicks> [TOPIC] Weekly stand-up report
16:34 <tyhicks> jdstrand: you're up
16:34 <mdeslaur> \o
16:39 <tyhicks> mdeslaur: go ahead and we'll circle back to Jamie
16:39 <mdeslaur> I'm in the happy place this week
16:40 <mdeslaur> I just published the samba and optipng updates
16:40 <mdeslaur> and am working on php5 updates
16:40 <mdeslaur> that's it, sbeattie you're it
16:40 <sbeattie> I'm on community this week.
16:40 <sbeattie> I'm currently (still) testing glibc updates
16:41 <sbeattie> I have some apparmor things to do as well, plus the usual kernel cve triage bits
16:41 <sbeattie> I may try to pick up another update or two, as we have a bit of a backlog.
16:41 <sbeattie> that's it for me, tyhicks?
16:42 <tyhicks> sbeattie: x+1 will open next week so we need to be ready for PIE by default
16:42 <sbeattie> right
16:43 <tyhicks> sbeattie: as much as I agree that picking up an update is needed, it may be higher prio to focus on the various debdiffs
16:43 <sbeattie> okay
16:43 <jdstrand> sorry, got pulled aside
16:43 <tyhicks> jdstrand: go ahead
16:44 <jdstrand> most of my week is going to be dealing with documentation updates for snappy on 16.04, helping the sdoc guys on policy/interfaces, testing snappy interfaces myself and an embargoed issue
16:44 <jdstrand> oh, and this is a short week for me
16:44 <jdstrand> I'll be off tomorrow
16:44 <jdstrand> (but back wed)
16:45 <tyhicks> thanks
16:45 <tyhicks> I'm on bug triage this week
16:46 <tyhicks> I'm currently making progress on the ecryptfs maintenance todos that I've been mentioning the last few weeks
16:46 <tyhicks> I've built up quite an email backlog and need to get through some of that before release
16:47 <tyhicks> if I have time, I'd like to help out with code reviews or maybe pick up an update
16:47 <tyhicks> jjohansen: you're up
16:47 <jjohansen> I'm working on squashing more apparmor bugs this week
16:48 <jjohansen> it seems I need to revisit the loading bug that I thought to have finally tracked down as cboltz reports the fix isn't working for him
16:49 <jjohansen> hrmmm, I think that is it for me, unless I am given different direction
16:50 <tyhicks> sounds about right to me
16:50 <tyhicks> sarnold: go ahead
16:51 <sarnold> I'm on cve triage this week, but I think I may neglect it today and maybe tomorrow to focus on MIRs instead -- it'd be nice to get through as many as we can before release, I think, and it's not like we have a shortage of issues to work n
16:51 <tyhicks> I think that's a good idea
16:51 <sarnold> the apparmor community has also been on fire with patches the last few weeks, it'd be fun if that continues, so i'll try to work in some smaller/obvious reviews if I can
16:52 <sarnold> that's it for me, chrisccoulson?
16:52 <chrisccoulson> I've got an Oxide update to get out this week. I'm also expecting Chromium at some point too
16:52 <chrisccoulson> And a Firefox update
16:53 <chrisccoulson> I also need to update the Firefox packaging for https://bugzilla.mozilla.org/show_bug.cgi?id=1256955 so that we can produce builds for the next release (next week)
16:53 <ubottu> Mozilla bug 1256955 in Release Automation "provide ability to correlate release promotion releases with their respective l10n changeset" [Normal,Resolved: fixed]
16:54 <chrisccoulson> I plan to spend some time adding a test shell to Oxide this week (see the last sentence of the commit message for http://bazaar.launchpad.net/~oxide-developers/oxide/oxide.trunk/revision/1447)
16:54 <chrisccoulson> But that does require some other re-architecting first
16:55 <tyhicks> oof
16:55 <tyhicks> chrisccoulson: expect to get to any oxide development items?
16:56 <chrisccoulson> I also plan to have a look at bug 1570996, to try to figure out if we can make shutdown a bit more reliable (it's not the only shutdown issue we have)
16:56 <ubottu> bug 1570996 in Oxide "g_all_contexts.Get().size() == static_cast<size_t>(0) (1 vs. 0)" [Undecided,New] https://launchpad.net/bugs/1570996
16:56 <chrisccoulson> tyhicks, I hope so
16:56 <chrisccoulson> I think that's me done
16:57 <tyhicks> thanks
16:57 <tyhicks> [TOPIC] Highlighted packages
16:57 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
16:57 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
16:57 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/archmage.html
16:57 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/cabextract.html
16:57 <tyhicks> [TOPIC] Miscellaneous and Questions
16:57 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/filezilla.html
16:57 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/insighttoolkit4.html
16:57 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/qpid-python.html
16:57 <tyhicks> Does anyone have any other questions or items to discuss?
16:59 <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson: Thanks!
16:59 <tyhicks> #endmeeting