[03:12] <ddecator> what the...
[03:17] <ddecator> micahg: i feel like this is something obvious, but it looks like the build fail is due to 'pushd components > /dev/null' producing a 'pushd: not found' not sure why...
[03:20] <ddecator> oh, that's at the point where i switched 'sh' to 'bash'...
[03:21] <ddecator> i wonder if i switch it back to bash it will work (for w/e reason)
[03:22] <ddecator> that would explain why i did it before, haha, we'll see if it works
[04:25] <ddecator> micahg: yup, that's why i changed it
[04:47] <ddecator> hm, i think the patch i have may in fact be the best way to handle it...
[05:02] <ddecator> micahg: i added the patches to the branch and pushed it. i'm trying to check loggerhead to make sure the patches are in there, but it's not working atm. the patch i'm not sure about is the taglib directory fix. without it, the scripts look in /deps/checkout/ instead of just /deps/ for some reason
[05:02] <micahg> ddecator: k
[05:02] <ddecator> the patch works, just not sure if it's the best way to fix the issue...
[05:02] <micahg> ddecator: I'll review the patches later this week
[05:02] <micahg> need to go to sleep soon
[05:03] <ddecator> micahg: sounds good, let me know if i need to change anything
[05:03] <micahg> ddecator: k, thanks
[09:02]  * BUGabundo_remote says Hi... to the rain :[
[10:52] <fta> BUGabundo_remote, no rain here, but it's coming
[10:52] <fta> 26°C, a bit less than yesterday
[10:54] <BUGabundo_remote> 18ºC here
[10:54] <BUGabundo_remote> was 27º on Sunday
[10:55] <fta> i'm further north than you are, should be the opposite ;)
[10:56] <fta> BUGabundo_remote, http://svnsearch.org/svnsearch/repos/CHROMIUM/search?revision=48107
[11:05] <BUGabundo_remote> lol
[13:44] <fta> mdeslaur, wow.. not sure i can do that myself. some look possible, but imho, upstream should do that. btw, how are we supposed to fill up that page?
[13:45] <mdeslaur> fta: I'm actually working on it now, so no worries
[13:45] <mdeslaur> fta: mozilla gives clear indication what CVEs they fix
[13:45] <mdeslaur> fta: google, unfortunately, don't seem to care
[13:46] <fta> mdeslaur, i know, i've already requested that from google, they added my request as "+1" to obtain internal resources
[13:46] <mdeslaur> fta: oh, that's good news
[13:47] <mdeslaur> fta: I'll update the bug once I've finished researching the CVEs
[13:47] <fta> mdeslaur, based on the svn rev id you have in the bugs and/or cves, that shouldn't be too hard to fill up the blanks
[13:48] <mdeslaur> fta: yeah, it's going pretty good so far
[13:48] <mdeslaur> I'm not supposed to be doing this since chromium-browser is in universe, but I'll do it this time so we catch up
[13:50] <fta> mdeslaur, iirc, the plan is to have it in main for UNE, so it will be the exact same work for lucid/universe
[13:50] <fta> i mean, no additional work
[13:51] <fta> rickspencer3, ^^ is that right? or did i misunderstood something?
[13:51] <mdeslaur> fta: yeah, that's part of the reason why I'm doing it now.
[13:55] <fta> mdeslaur, what do you mean by "needed"? and what's the color code for?
[13:56] <fta> (a legend would be nice to have in the page)
[13:57] <mdeslaur> fta: color is here: http://people.canonical.com/~ubuntu-security/cve/priority.html
[13:57] <mdeslaur> fta: "needed" means the package is vulnerable and needs an update
[13:57] <mdeslaur> fta: but, let me work through it first, as it may be wrong
[13:58] <fta> mdeslaur, ok, i'll have a closer look at the results then. let me know when you're done.
[13:59] <fta> 30°C+ here, i need a break
[14:37] <fta> micahg, sorry to spam you with those user requests ;)
[14:45] <micahg> fta: I'm sorry you still get them ;)
[15:18] <fta> mdeslaur, do you care about cve *before* 556?
[15:21] <mdeslaur> fta: I don't think so...we didn't have chromium in our repo before then
[15:54] <gnomefreak> well here goes nothing :/
[15:57] <gnomefreak> well at least chomium still works right
[15:58] <gnomefreak> cant do this today. see everyone later maybe tomorrow if not later today
[16:00] <micahg> chrisccoulson: asac: DMB meeting now
[16:01] <chrisccoulson> micahg - which channel is it?
[16:01] <chrisccoulson> #ubuntu-meeting?
[16:01] <micahg> chrisccoulson: yep
[16:34] <fta> "Google Chrome 5.0.375.55 has been released to the Stable channel for Linux, Mac and Windows."
[16:34] <fta> huhu
[16:35] <fta> mdeslaur, asac, jcastro: ^^
[16:36] <mdeslaur> fta: that's good news
[16:37] <jcastro> \o/
[16:37] <jcastro> nice!
[16:38] <jcastro> mdeslaur: ok throw away all your work today and put that in instead.
[16:38]  * jcastro runs
[16:39] <BUGabundo_remote> ahaahah
[16:39] <mdeslaur> jcastro: once fta gets it in maverick, we can upload a package to lucid -proposed, etc.
[16:40] <fta> mdeslaur, it's already cooking in the beta ppa (since 22nd), i will release it to maverick shortly
[16:41] <fta> but you can publish what you have for lucid, no need to wait if the work has already been done
[16:43] <mdeslaur> fta: it's already been pushed to -proposed. Once that happens, someone need to comment in the bug that it's been tested successfully, and then the ubuntu-sru team will push it to -updates.
[16:47] <fta> mdeslaur, good. will the cve web page auto-update?
[16:52] <mdeslaur> fta: yes...It gets updated every 3 hours, so it will soon
[16:53] <mdeslaur> fta: how did you determine that CVE-2010-1665 was r40445? the commit doesn't look like it has anything to do with the CVE description...
[16:53] <ubot4> mdeslaur: Google Chrome before 4.1.249.1064 does not properly handle fonts, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1665)
[16:55] <fta> mdeslaur, i checked when the commit landed, and where
[16:56] <fta> using the chromium bug
[16:56] <mdeslaur> fta: you have access to bug #42294?
[16:56] <ubot4> Launchpad bug 42294 in kpowersave (Ubuntu) "kpowersave eats huge amounts of RAM over time." [Medium,Invalid] https://launchpad.net/bugs/42294
[16:57] <fta> mdeslaur, yes, i'm in their security team
[16:59] <mdeslaur> fta: but r40445 was applied to trunk, not to 342...
[16:59] <mdeslaur> fta: this, right? http://src.chromium.org/viewvc/chrome?view=rev&revision=40445
[17:04] <fta> hm, weird. let me re-check
[17:06] <fta> http://src.chromium.org/viewvc/chrome?view=rev&revision=45594
[17:06] <fta> so 375r45594
[17:06] <fta> target is 5.0.375.38~r46659 so it's fine
[17:08] <fta> will update the bug
[17:12] <fta> it's also in 249r45544 which is not important for us
[17:59] <fta> crimsun, hi, do you have a fix for my p-a crash? or a hint about which part of the last update i could drop (locally)?
[18:23] <fta> http://blog.chromium.org/2010/05/google-chrome-for-linux-goes-stable.html
[18:36] <chrisccoulson> fta - awesome - so, we get properly controlled security updates now?
[18:41] <fta> chrisccoulson, we did already, but now, it should be easier to track
[18:42] <chrisccoulson> fta - yeah, it will be easier. i spoke to evmar at UDS about security updates, and it looks do-able, although we won't get the nice long beta test period we currently enjoy with mozilla
[18:42] <fta> but we will sure get less updates
[18:43] <chrisccoulson> fta - do you know if there will be another major stable update before maverick release? if not, then we should consider tracking the stable channel in the archive now
[18:43] <chrisccoulson> else we will end up in the same situation again once maverick is released
[18:43] <fta> chrisccoulson, imho, parallel channels are better than point releases
[18:44] <fta> chrisccoulson, most probably yes.
[18:45] <fta> for now, i'm waiting for http://omahaproxy.appspot.com/ to move before i close the maverick release
[18:45] <chrisccoulson> fta - awesome
[18:46] <fta> bbs, going for a short ride before it rains
[18:46] <chrisccoulson> i see you did a lucid update a little while ago. when we get the first security update from the stable branch, we can put that in lucid too
[18:46] <chrisccoulson> fta - ok, enjoy :)
[18:48] <fta> chrisccoulson, btw, i advise you to subscribe to https://code.edge.launchpad.net/~chromium-team/chromium-browser/channels if you want to receive notifications
[18:49] <fta> chrisccoulson, http://paste.ubuntu.com/439467/ (windows got a few stable updates recently)
[19:09] <mdeslaur> fta: btw, the html CVE table got updated
[19:39] <dupondje> https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/562802
[19:39] <dupondje> seems to be like https://bugzilla.mozilla.org/show_bug.cgi?id=559110
[19:39] <dupondje> ?
[19:39] <ubot4> Launchpad bug 562802 in firefox (Ubuntu) "xorg use cpu 100% sometime with firefox (affects: 4) (heat: 24)" [Undecided,Incomplete]
[19:39] <ubot4> dupondje: Error: Could not parse XML returned by Mozilla: timed out (http://bugzilla.mozilla.org/xml.cgi?id=559110)
[20:37] <BUGabundo_Bones> fta: can your browser open this? http://㐃蔁.sl.pt
[20:38] <BUGabundo_Bones> chromium FINALLY fix utf8
[20:48] <BUGabundo_Bones> can your browser open this? http://%u3403%u8501.sl.pt
[20:49] <kbrosnan> damn one image on that page is 3.5 MB
[20:56] <BUGabundo_Bones> yes!
[20:56] <BUGabundo_Bones> dumb ppl
[20:56] <BUGabundo_Bones> the entire site is 25MBs
[21:18] <DASPRiD> server not found
[21:18] <DASPRiD> ah, first link works
[21:18] <DASPRiD> pretty huge pake, took 4 seconds to load!
[21:18] <DASPRiD> *page
[21:19] <DASPRiD> i really need more than 100mbit :)
[21:19] <BUGabundo_Chuck> ahahah
[21:19] <DASPRiD> btw i'm wondering, when are the css 3 specifications going to make it final? i'd like to get rid of all those -vendor-prefixes
[21:23] <fta> mdeslaur, the $1 question, should i document some CVE as fixed between 5.0.375.38~r46659 and 5.0.375.55~r47796?
[21:27] <mdeslaur> fta: I don't think any security issues were fixed between r46659 and r47796...
[21:28] <fta> mdeslaur, ok, good, so it will be mostly "minor crash and stability fixes"
[21:28] <fta> quoting upstream
[21:28] <mdeslaur> fta: sure...and this time, it will go directly to -proposed with an SRU process, instead of going through security
[21:29] <fta> mdeslaur, what's the difference for me?
[21:30] <fta> btw, the security team is supposed to keep that up to date: http://sites.google.com/a/chromium.org/dev/Home/chromium-security/chromium-security-bugs
[21:31] <mdeslaur> fta: looks like they haven't updated that since February :(
[21:31] <fta> mdeslaur, that's why i said "supposed to"
[21:31] <mdeslaur> fta: :)
[21:43] <micahg> chrisccoulson: so at least the package set will get created now :)
[21:44] <fta> mdeslaur, not sure, should i use lucid-proposed or lucid-updates for the new version?
[21:44] <mdeslaur> fta: lucid-proposed
[21:45] <mdeslaur> fta: this is the process that needs to be done since that update doesn't have security fixes in it: https://wiki.ubuntu.com/StableReleaseUpdates?action=show&redirect=MOTU%2FSRU
[21:45] <fta> mdeslaur, chromium-browser (5.0.375.55~r47796-0ubuntu0.10.04.1) lucid-proposed; urgency=low ?
[21:46] <mdeslaur> fta: looks good
[21:49] <fta> mdeslaur, and should i include the src tarball (which i already uploaded to maverick).. not sure if it's build isolated or not
[21:49] <fta> built
[21:50] <fta> damn, SRU bug number, i forgot
[21:50] <fta> last time, we said it was no longer needed for chromium
[21:51] <fta> or was is for +1 only? i don't remember
[21:51] <fta> asac, ^^ ?
[21:52] <mdeslaur> fta: since the package for bug #584016 is already in -proposed, you need to wait until someone verifies it and it gets moved to -updates before you upload another one to -proposed
[21:52] <ubot4> Launchpad bug 584016 in chromium-browser (Ubuntu Maverick) (and 2 other projects) "security update available for chromium (affects: 1) (heat: 262)" [Undecided,Fix released] https://launchpad.net/bugs/584016
[21:53] <fta> mdeslaur, yeah, i'll wait then
[21:54] <fta> https://edge.launchpad.net/ubuntu/maverick/+source/chromium-browser/5.0.375.55~r47796-0ubuntu1
[21:54] <mdeslaur> fta: I'll test it right now, and add the appropriate comment for ubuntu-sru so they can push it out
[21:59] <mdeslaur> so...this is probably a dumb question...but how do I add a bookmark in chromium?
[21:59] <mdeslaur> oh, the star
[21:59] <mdeslaur> wow, that's non-obvious
[22:13] <BUGabundo_Chuck> fta: "Chamamos, por isso, especial atenção para os cidadãos que possuam o sistema operativo Mozzila Firefox"
[22:13] <BUGabundo_Chuck> seems Firefox is now an OS too
[22:14] <fta> can't read that
[22:14] <BUGabundo_Chuck> use google tranlate :)
[22:14] <BUGabundo_Chuck> or learn another language :)
[22:14] <fta> i know 5 already
[22:14] <BUGabundo_Chuck> source http://www.portaldocidadao.pt/PORTAL/pt/Dossiers/DOS_alteracao+de+morada+no+cartao+de+cidadao.htm?passo=1
[22:14] <BUGabundo_Chuck> oh you do? make it 6 :))
[22:15] <BUGabundo_Chuck> how many of those aren't computer languages :P
[22:16] <fta> none, i know more than 2 dozens of computer languages, most of them being obsolete :P
[22:16] <BUGabundo_Chuck> ahah
[22:40] <fta> https://edge.launchpad.net/~chromium-daily/+archive/stable
[22:42] <BUGabundo_Chuck> YAY
[22:45] <BUGabundo_Chuck> ahahaha
[22:46] <BUGabundo_Chuck> and then ppl redent to groups too mich
[22:46] <BUGabundo_Chuck> *much
[22:46] <BUGabundo_Chuck> fta: u spammer :)
[22:46] <fta> did i redent? i don't think so
[22:58] <fta> who's doing the app indicator thingy now?
[22:58] <fta> in relation to gwibber
[22:58] <fta> chrisccoulson, ^^ ?
[22:59] <chrisccoulson> fta - kenvandine ;)
[22:59] <fta> i still see "Set Up Broadcast account" even when gwibber is open
[23:00] <fta> was the doing that in lucid too
[23:08] <fta> http://blog.rescuetime.com/2010/05/24/the-tragic-cost-of-google-pac-man-4-82-million-hours/
[23:10] <BUGabundo_Chuck> ahahaahah
[23:23] <DASPRiD> lol