=== starcraft is now known as starcraftman
=== nxvl_ is now known as nxvl
=== asac_ is now known as asac
=== Yos_ is now known as Yos
=== alsroot_ is now known as alsroot
=== fader|away is now known as fader_
=== starcraft is now known as starcaftman
=== starcaftman is now known as starcraftman
=== elky is now known as Guest4966
=== Yos_ is now known as Yos
=== robbiew_ is now known as robbiew
=== alsroot is now known as Guest53931
=== Guest53931 is now known as alsroot
=== ghostcube_ is now known as ghostcube
[18:00] <robbiew> kees: meeting today?
=== fader_ is now known as fader|lunch
[18:08] <kees> ah-ha, there I am.
[18:08] <kees> jdstrand, mdeslaur, robbiew: sorry I'm late.  ready to go?
[18:09] <mdeslaur> sure
[18:09] <robbiew> mdselaur: I thought you were on vacation?
[18:09] <mdeslaur> I am
[18:09] <kees> hah
[18:09] <robbiew> lol
[18:09] <robbiew> such commitment
[18:09] <mdeslaur> not like I have anything better to do
[18:09] <robbiew> :/
[18:09] <mdeslaur> (besides the list my wife made me)
[18:09] <kees> heh
[18:10] <robbiew> http://www.sadtrombone.com
[18:10] <jdstrand> o/
[18:10] <jjohansen> o/
[18:10] <kees> heya jjohansen
[18:10] <mdeslaur> hahaha
[18:10] <jdstrand> hehe (list)
[18:10] <jjohansen> :)
[18:11] <kees> jdstrand: uhm, you start?
[18:11] <jdstrand> ok
[18:11] <jdstrand> I am triager this week
[18:11] <kees> (I'm stalling to read the needs-fixing list)
[18:11] <jdstrand> I have two updates I'm going to try to get out
[18:12] <jdstrand> I also *need* to get the firefox apparmor profile going for 3.6, for when 3.6 hits karmic this month
[18:12] <jdstrand> and have an appropriate upgrade path
[18:14] <jdstrand> since kees is community this week, I want to hand off bug #446838
[18:14] <ubottu> Launchpad bug 446838 in squirrelmail "Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.19 and earlier" [High,Fix committed] https://launchpad.net/bugs/446838
[18:15] <jdstrand> it is in -proposed right now
[18:15] <kees> yeah, I saw that going back and forth this last week
[18:15] <jdstrand> that is the first sponsored upload to follow the new SponsorshipProcess for security uploads
[18:16] <jdstrand> incidentally, I emailed ubuntu-devel and blogged about the new process
[18:16] <kees> nice
[18:16] <jdstrand> the important links for people are:
[18:16] <jdstrand> https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Submission
[18:16] <jdstrand> https://wiki.ubuntu.com/SponsorshipProcess
[18:16] <jdstrand> https://wiki.ubuntu.com/SecurityTeam/SponsorsQueue
[18:17] <jdstrand> kees: I'm pretty sure I made a few tweaks to SponsorsQueue after you reviewed it last week, based on what I was doing with squirrelmail
[18:17] <jdstrand> but they were minor
[18:17] <ScottK> jdstrand: It might be worth a mention on ubuntu-devel-announce.  Not everyone is on ubuntu-devel
[18:18] <kees> yeah, I saw the wiki edits going by.  I had enough context that the changes made sense from what I saw in email.
[18:18] <jdstrand> kees, mdeslaur: I figure that whoever is on community will work the SponsorsQueue
[18:18] <kees> really excellent stuff.
[18:18] <jdstrand> ScottK: ack
[18:18] <kees> jdstrand: right
[18:18] <jdstrand> kees, mdeslaur: and maybe we hand off like I did today for stuff that didn't make it all the way through during the previous week
[18:18] <jdstrand> does that sound reasonable?
[18:19] <jdstrand> kees: and "thanks" for you positive comment :)
[18:19] <mdeslaur> sounds good
[18:19] <kees> jdstrand: yeah, a good idea.  and even if not formally handed off, it should still be the current week's person's responsibility to check on the state of sponsored stuff
[18:19] <jdstrand> really, it all grew out of that meeting we all attended (including ScottK)
[18:19] <mdeslaur> and yeah, good job jdstrand on that
[18:19] <jdstrand> so thanks to all of you :)
[18:20]  * robbiew can feel the love!
[18:20] <robbiew> lol
[18:20] <jdstrand> kees: sounds fine
[18:20] <kees> heh
[18:20]  * jdstrand hugs robbiew 
[18:20] <jdstrand> ;)
[18:20] <jdstrand> that's it from me
[18:21] <kees> ok, I'll go
[18:21] <kees> I tweaked the workitems reporter to show priority in the per-assignee break-outs so we can see our stuff kind of in a list of what we should work on next
[18:22] <kees> (it's additionally sorted by bp completion level, so the bps closest to be done are at the top of each priority section)
[18:22] <jdstrand> kees: I'm looking at http://piware.de/workitems/security/lucid/report.html
[18:22] <kees> this week I'm going to try to sort out the open xen and kvm CVEs, and maybe take mutt and mysql (though I'm shy of mysql without going and reading the CVEs)
[18:23] <jdstrand> oh nm
[18:23] <jdstrand> (still reading though)
[18:23] <kees> jdstrand: righto.  I like how our green continues to shoot up, but we never seen to get the red too much lower.  ;)  kind of like our updates work.  :)
[18:24] <jdstrand> heheh
[18:24] <jdstrand> yeah...
[18:24] <kees> anyway, I'm find with graphs showing reality.
[18:24] <kees> s/find/fine
[18:24] <jdstrand> on a related note...
[18:24] <kees> I expect there to be another karmic kernel update before xmas, thanks to more ext4 issues.
[18:24] <jdstrand> :(
[18:25]  * jdstrand pauses the related note
[18:25] <kees> oh, that's about it from me.  what's the related note?
[18:25] <jdstrand> on an unrelated note...
[18:25] <jdstrand> I updated https://wiki.ubuntu.com/SecurityTeam/ReleaseStatus/Lucid
[18:25] <jdstrand> this is what is looked at during the weekly ReleaseStatus meeting
[18:26] <jdstrand> please have a peek at it
[18:26] <jdstrand> I decided to only list our Essential bps
[18:26] <jdstrand> but make the others easy to find
[18:26] <jdstrand> I think this reflects more what we are doing and how we work
[18:27] <jdstrand> I did not automate the wiki generation like some other teams did
[18:27] <kees> jdstrand: agreed, that sounds about right
[18:27] <kees> (only listing essential)
[18:27] <jdstrand> but, then, there are only 5 essential items
[18:27] <jdstrand> and I ran out of time. I'll likely update the wiki for the status of those manually for now
[18:27] <kees> well, we're not staffed for development, so that's 5 more than we're expected to have.  ;)
[18:27] <jdstrand> heh
[18:27] <robbiew> ack
[18:28] <robbiew> ;)
[18:28] <jdstrand> that's it for the (un)related note
[18:28] <kees> like... seriously, ext4 omg: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.1
[18:29] <kees> anyway, mdeslaur, you're up
[18:29] <mdeslaur> I'm on vacation
[18:29] <robbiew> lol
[18:29] <jdstrand> kees: is that another karmic specific, or all?
[18:29] <kees> mdeslaur: done!  :)
[18:30] <mdeslaur> this week, I plan on 1- getting drunk, 2- plastering the basement, in no particular order
[18:30] <jdstrand> mdeslaur: excellent vacation work btw :P
[18:30] <kees> jdstrand: not sure currently, I need to dig through the commits.  but man, that is a lot of ext4 fixes.  :(
[18:30]  * jdstrand nods
[18:30] <kees> jjohansen: you've got a few items on the security team workitem list.  anything you need help with there?
[18:30] <robbiew> at least we can address them BEFORE the LTS ;)
[18:31]  * jdstrand wonders how many of those have been reported because Karmic has it by default...
[18:31] <kees> dunno.
[18:31] <jjohansen> not yet
[18:32] <kees> jdstrand: who is coffeedude.jerry, and how do we get him to do his two essentials?  :)
[18:32] <jjohansen> I think things are going alright but we will see how things look heading into next week
[18:32] <jdstrand> kees: Jerry Carter
[18:32] <kees> jjohansen: cool
[18:32] <kees> jdstrand: ah! yes, that jerry.  :)
[18:32] <jdstrand> kees: he is talking to the likewise people-- I've discussed the bug with him-- they are handling it in their lucid/likewise work
[18:33] <jdstrand> well, he *is* likewise people, but he is discussing it with more likewise people
[18:33] <kees> ok, cool.  wasn't sure how we'd hear back on their status.  but I'm cool now that my brain connected to the right jerry.  :)
[18:33] <jdstrand> heh
[18:33] <liel> Hello
[18:33] <kees> hi
[18:34] <jdstrand> the apparmor part of that bug is fixed, likewise just needs to be updated
[18:34]  * kees nods
[18:34] <jdstrand> they will handle the upgrade/install path stuff
[18:34] <kees> ok.  any other items anyone has to bring up?
[18:34] <jdstrand> I stuck two bugs in 'Other Lucid-targeted bugs'
[18:34] <jdstrand> (https://wiki.ubuntu.com/SecurityTeam/ReleaseStatus/Lucid)
[18:35] <jdstrand> feel free to add other important ones there
[18:35]  * jdstrand thinks he is really done with ReleaseStatus/Lucid now
[18:35] <kees> isn't the backingstore already a workitem?
[18:36] <jdstrand> well it is, but the bug shows up in bug lists
[18:36] <kees> ok
[18:36] <jdstrand> I forget which one offhand-- but it is a release item bug iirc
[18:37] <jdstrand> I went through that list last week, and I think those were the only two we had
[18:38] <jdstrand> kees: btw, good job on the workitems changes-- it is nice :)
[18:38] <jdstrand> so is that it?
[18:38] <kees> jdstrand: thanks!
[18:38] <kees> yeah, I think so.
[18:38] <kees> thanks everyone!
[18:38] <jdstrand> any questions for the security team?
[18:39] <robbiew> thanks kees: jdstrand:
[18:39] <robbiew> and mdeslaur  (if you're still sober:P)
[18:39] <kees> heh
[18:39] <jdstrand> haha
[18:40] <jdstrand> robbiew: what, you won't thank a drunk man?
[18:40] <robbiew> lol
[18:40] <robbiew> wasn't sure if he could read still ;)
[18:40] <mdeslaur> I'm still sober :)
[18:40] <jdstrand> hehe
[18:40] <mdeslaur> I decided to plaster first :)
[18:41] <jdstrand> a) plaster, b) get plastered
[18:41] <mdeslaur> lol
[18:46] <zul>  // drunk fix later
=== fader|lunch is now known as fader_
=== Yos_ is now known as Yos
=== robbiew1 is now known as robbiew
=== robbiew is now known as robbiew_
=== elky is now known as Guest4966
=== Guest4966 is now known as elky
=== Pendulum_ is now known as Pendulum
=== fader_ is now known as fader|away
=== robbiew_ is now known as robbiew
=== Adri2000_ is now known as Adri2000
=== jMyles_ is now known as jMyles