#ubuntu-meeting log

16:39 <tyhicks> #startmeeting
16:39 <meetingology> Meeting started Mon May 23 16:39:44 2016 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
16:39 <meetingology> 
16:39 <meetingology> Available commands: action commands idea info link nick
16:39 <tyhicks> The meeting agenda can be found at:
16:39 <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
16:39 <tyhicks> [TOPIC] Weekly stand-up report
16:39 <tyhicks> jdstrand: you're up
16:40 <jdstrand> hello
16:40 <jdstrand> I'm focused on snappy this week
16:40 <jdstrand> specifically, I'm working on more sdoc policy updates, policy recompiles for apparmor upgrades on snappy and sprint outcomes
16:41 <jdstrand> tyhicks: I have a question on seccomp arg filtering. do you plan to review that this week? if not, I need to do an SRU for the ecryptfs denial in the launcher and will work on that. if so, I'll bundle together and work on that
16:42 <jdstrand> in addition, I need to followup on the click-apparmor SRU
16:43 <tyhicks> jdstrand: I do plan to review it this week
16:43 <jdstrand> ok, thanks
16:43 <jdstrand> then I'll also be doing the second part of that :)
16:44 <jdstrand> mdes laur is out, so, sbeattie, you're up
16:44 <sbeattie> I'm in the happy place this week
16:45 <sbeattie> I'm working on getting the glibc updates out this week
16:45 <sbeattie> I need to get back at looking at some of the build failures in yakkety caused by enabling pie
16:46 <sbeattie> I'll probably try to pick up another update in the background this week, since our backlog is long
16:47 <sbeattie> I also need to see where we're at with upstream apparmor on some things, whether we can release 2.11 and pull that into yakkety.
16:47 <sbeattie> That's probably it for me. tyhicks?
16:47 <tyhicks> I'm doing CVE triage this week
16:47 <tyhicks> otherwise, I'm mostly focused on snappy
16:48 <tyhicks> I'm fixing and SRUing bug #1584069 in support of bug #1583259
16:48 <ubottu> bug 1584069 in AppArmor "change_profile rules need a modifier to allow non-secureexec transitions" [High,In progress] https://launchpad.net/bugs/1584069
16:48 <ubottu> bug 1583259 in Snappy Launcher "Snappy needs to influence environment variables in applications " [Undecided,New] https://launchpad.net/bugs/1583259
16:48 <tyhicks> then I'll do some ubuntu-core-launcher MP reviews (including seccomp arg filtering)
16:49 <tyhicks> and then I'll be making the ubuntu-core-launcher changes for bug #1582781
16:49 <ubottu> bug 1582781 in Snappy "snapd needs a way to control mount points " [Undecided,In progress] https://launchpad.net/bugs/1582781
16:49 <tyhicks> that's it for me
16:49 <tyhicks> I don't see jj so you're up, sarnold
16:49 * jjohansen is here
16:49 <tyhicks> ah
16:49 <tyhicks> jjohansen: go ahead
16:50 <jjohansen> I am working on apparmor this week
16:51 <jjohansen> I have a user who has volunteered to run a test kernel for bug  1581990 which I think is the same as 1579135
16:51 <ubottu> bug 1581990 in apparmor (Ubuntu) "Profile reload leads to kernel NULL pointer dereference" [Undecided,New] https://launchpad.net/bugs/1581990
16:51 <jjohansen> so hopefully I can make some progress on it
16:51 <jdstrand> tyhicks: note that zyga is updating the launcher for 'snap-run' and the project is moving and possibly renamed
16:51 * jdstrand gets link
16:52 <jjohansen> bug 1579135
16:52 <ubottu> bug 1579135 in apparmor (Ubuntu) "kernel BUG on snap disconnect from within a snap" [Undecided,Incomplete] https://launchpad.net/bugs/1579135
16:53 <jdstrand> tyhicks: https://github.com/ubuntu-core/snap-run/pull/1/files
16:53 <jjohansen> I found a couple more bugs while auditing the code looking a fix for that and I need to clean those up a bit
16:54 <jjohansen> I need to finish reviewing the gsettings stuff and discuss that this week
16:54 <tyhicks> jdstrand: thanks
16:54 <jdstrand> tyhicks: I'm discussing how thi simpacts us in #snappy
16:55 <jjohansen> I expect to be reviewing some patches from tyhicks, and I'll be working on fixing up more stacking issues
16:56 <tyhicks> jjohansen: can you start putting together a list of bug links for stacking issues that need to be fixed by 16.04.1 so that we can allow unpriv policy loads?
16:56 <jjohansen> tyhicks: sure
16:56 <tyhicks> thanks
16:57 <jjohansen> thats it for me sarnold
16:57 <sarnold> I'm on bug triage this week; I'm working on getting the imagemagick updates out the door; I may also do some smallsih apparmor work for distraction, some wiki editing or patch reviews
16:57 <sarnold> that's it for me, chrisccoulson?
16:58 <chrisccoulson> No updates planned for me this week, although I'll probably be spending some time preparing the next oxide release (1.15)
16:59 <chrisccoulson> I also need to figure out what we're going to do with 32-bit builds, given that launchpad has no support for cross-compiling packages (confirmed by infinity last week)
16:59 <chrisccoulson> Other than that, I'll be working through bugs as usual
16:59 <chrisccoulson> that's me done
17:01 <tyhicks> chrisccoulson: is the GN transition done?
17:02 <chrisccoulson> tyhicks, no, as usual things seem to have slipped a bit upstream, taking the pressure off. So I used that to get some other stuff done last week
17:02 <chrisccoulson> (I'm still working on it)
17:02 <tyhicks> ok, thanks
17:02 <tyhicks> glad you got some breathing room there
17:03 <tyhicks> [TOPIC] Highlighted packages
17:03 <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
17:03 <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
17:03 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/cakephp.html
17:03 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/virtualbox.html
17:03 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/aria2.html
17:03 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/php-sabredav.html
17:03 <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/libiptables-parse-perl.html
17:03 <tyhicks> [TOPIC] Miscellaneous and Questions
17:03 <tyhicks> Does anyone have any other questions or items to discuss?
17:05 <tyhicks> jdstrand, sbeattie, jjohansen, sarnold, ChrisCoulson: Thanks!
17:05 <tyhicks> #endmeeting