[18:12] <kees> meetin' time?
[18:13] <robbiew> :)
[18:13] <jdstrand> o/
[18:13] <mdeslaur> yep
[18:14] <kees> okay, I'll start...
[18:14] <kees> this coming week I've got a few things to publish, and I'm going to start up a kernel cycle too
[18:15] <kees> I've got openoffice on deck, and while I wait for that to build, I'm hoping to snag a few other low-hanging fruits.
[18:15] <kees> I spent a fair bit of time last week reviewing glibc issues, mainly the longjmp borkage on amd64+fortify
[18:16] <kees> beyond that, I'm done.  mdeslaur!
[18:16] <mdeslaur> so...I have an embargoed issue I'm working on
[18:16] <mdeslaur> and then will continue php5 updates
[18:16] <mdeslaur> and am on community this week
[18:16] <mdeslaur> that's it from me
[18:17] <jjohansen> \o
[18:17]  * sbeattie can go next.
[18:17] <jdstrand> go ahead
[18:17] <jdstrand> hey jjohansen
[18:17] <jjohansen> sbeattie: please I didn't mean to interrupt
[18:17] <sbeattie> I've pushed a no-change rebuild of ant to the security-proposed pocket; I still need to test out building openjdk locally.
[18:18] <sbeattie> I do have a question on publishing ant, should I issue a USN for it?
[18:19] <jdstrand> sbeattie: can you remind me of the issue again?
[18:19] <kees> sbeattie: we tend to be of two minds on this. I generally do not do USNs for rebuilds.
[18:19] <jdstrand> (ie, why you need t upload ant)
[18:19] <kees> sbeattie: e.g. when we moved the compiler from -updates to -security, I didn't do a USN.
[18:19] <sbeattie> Anyway, the plan is once I get ant published in the security pocket, then push an openjdk SRU no-chagne rebuild to fix the regressions with building openjdk against the non-updates ant.
[18:20] <jdstrand> sbeattie: so ant isn't broken because of the new openjdk, it is that openjdk won't build because of the old ant. correct?
[18:21] <sbeattie> jdstrand: short answer is that ant/lucid got updated to fix mis-compilation with openjdk, but publishing through -security keepos reintroducing those bugs.
[18:21] <jdstrand> then no USN imo
[18:21] <mdeslaur> sbeattie: if you're going to do a openjdk SRU, why did you need to build ant in -security?
[18:21] <jdstrand> if ant was broken, then a -2 or similar
[18:21] <sbeattie> mdeslaur: for the next time we do an openjdk security update.
[18:22] <mdeslaur> ah, ok
[18:22] <mdeslaur> cool
[18:22] <sbeattie> that was what we agreed upon.
[18:22] <mdeslaur> sbeattie: yeah, but I suffer from memory fragmentation issues
[18:22]  * sbeattie is steering by advice given, not pure obstinance.
[18:22] <sbeattie> mdeslaur: don't we all.
[18:23] <ScottK> mdeslaur: I didn't think you were old enough for that.
[18:23] <mdeslaur> ScottK: oh? :)
[18:24] <jdstrand> ScottK: you wouldn't think so, yet... here we are
[18:24] <jdstrand> :P
[18:24] <sbeattie> anyway, other stuff: apparmor 2.5.1: fixed and pulled a few more issues, and I've finally spun a 2.5.1 rc1 candidate tarball and pushed to the launchpad page: https://launchpad.net/apparmor/+download
[18:24] <ScottK> You being a youngster and all (or at least well preserved)
[18:24] <sbeattie> I'm aware jjohansen has at least one more patch he wants in.
[18:24] <sbeattie> I also need to announce the rc1 upload to the mail list.
[18:25] <jdstrand> sbeattie, jjohansen: how much of the rc1 official is different from what is in maverick now?
[18:25] <jdstrand> (and what else do we want to target to maverick)
[18:26] <sbeattie> jdstrand: I think it's the same except for a few changes I made to the toplevel Makefile and the common/Make.rules to support automating tarball/snapshot generation.
[18:26] <jdstrand> ah cool
[18:26] <sbeattie> (I was a bad release manager, I committed those changes without signoff)
[18:27] <jjohansen> sbeattie: nah it was just preacked ;)
[18:27] <kees> I'd like to see 2.5.1 in maverick (and then SRUd to lucid at some point...)
[18:27] <jjohansen> jdstrand: I have the one outstanding patch I need to finish up
[18:27] <jdstrand> kees: 2.5.1rc1 is in maverick now
[18:28] <jjohansen> mavericks kernel is newer than 2.5.1
[18:28]  * jdstrand is curious about the test suite issues he found last week
[18:28] <jjohansen> jdstrand: I've started looking and will get back to you on them
[18:29] <sbeattie> jjohansen: thanks.
[18:29] <jdstrand> jjohansen: cool. I would think that if there are userspace issues, they might be 2.5.1 candidates, or at the very least 2.5.2 and we pull into maverick
[18:29] <jjohansen> jdstrand: I am okay with that
[18:29] <jdstrand> nice
[18:30] <sbeattie> yep, makes sense.
[18:30] <sbeattie> anyway, other than that, I'm on triage this week.
[18:30] <sbeattie> and I think that's all I've got. jdstrand?
[18:31] <jdstrand> so, as inferred, I got apparmor 2.5.1rc1 into maverick last week. I also did a lot with browser updates and published sudo
[18:32] <jdstrand> for this week, I am working on two embargoed issues and another round of firefox/tbird testing (upstream regressions)
[18:33] <jdstrand> I'm also trying to get the chromium in lucid-proposed pushed into -security and -updates... need to followup with ubuntu-sru
[18:33] <jdstrand> kees: since you are our TB liaison, could you give a highlevel status update on what is happening with chromium and -security, etc
[18:34] <kees> jdstrand: sure, one sec
[18:35]  * kees reviews the emails again
[18:35] <jdstrand> I forgot to mention that I wasn't able to do anything with libvirt last week due to the above, and that it looks like I may not be able to again this week
[18:36] <jdstrand> I have libvirt packages in the security ppa and I feel really good about them, but lucid's libvirt requires changes to virtinstall for sure, vmbuilder (not likely), and testing with virt-manager and eucalyptus
[18:36] <jdstrand> err, vmbuilder *is* likely
[18:37] <jdstrand> I don't think euca will be affected cause they don't use snapshots or backing stores
[18:37] <kees> jdstrand: there isn't exactly an approved approach for chromium yet. it sounds like the "just publish it" approach is the only way to move forward, though.
[18:37] <jdstrand> the other three will likely require me to develop patches (though virtinstall upstream did just last week add the functionality required, so I might be able to just snag it)
[18:39] <jdstrand> kees: it would be nice to get that formalized. fwiw, I'd like to see an approval for whatever upstream gives us (like mozilla), with only the minimal changes to debian/ allowed for making it build on that release
[18:39] <kees> jdstrand: agreed, I'll ping about it.
[18:40] <jdstrand> kees: it has been kinda weird lately cause chromium has needed NEW packages like gyp and libvdx to even build it
[18:40] <kees> jdstrand: what was the status of upstream giving us access to pre-release code?
[18:40] <kees> yay
[18:41] <jdstrand> kees: but, only chromium needs those. another weird one is chromium-codecs-ffmpeg which needs to be part of the SRU-policy because it needs to move in step with chromium
[18:41] <jdstrand> kees: total silence
[18:42] <jdstrand> kees: nothing uses chromium-codecs-ffmpeg except chromium, so that shouldn't be a huge deal (but I wonder why we can't just put these tarballs inside chromium if *nothing* is using them)
[18:42] <jdstrand> nothing *else* that is
[18:43] <kees> yeah :(
[18:43] <jdstrand> kees: well, let me clarify my 'total silence' comment
[18:43] <jdstrand> kees: fta builds daily releases off of upstream code
[18:44] <kees> email sent...
[18:44] <jdstrand> due to the silence from upstream, we don't have any information on if the commits are security relevant, the timing of said commits or if the fixes were even in the dailies as compared to their final release
[18:45] <jdstrand> so we are pretty much in the dark
[18:45] <jdstrand> afaics
[18:45] <kees> okay
[18:45] <jdstrand> kees: fta may have another perspective
[18:46] <jdstrand> anyhoo, that is it from mee
[18:46] <jdstrand> me
[18:46] <jdstrand> kees: thanks for following up on that :)
[18:48] <kees> okidoky. any other issues for the security team? robbiew, nxvl, jjohansen ?
[18:48] <robbiew> nope
[18:48] <jjohansen> none here
[18:52] <kees> okay, thanks everyone!
[18:53] <robbiew> thnx kees
[18:57] <Xaphania> !seen laura
[18:57] <czajkowski> hmm
[19:03] <Xaphania> HellOlAloHallOhayo.. I HI.. SALUT bonjour guten tag good morning coucou ohayo saluté hasta siempre la victoria.
[19:07]  * Xaphania Quentin
[23:30] <Manuelbrs> hola
[23:31] <Manuelbrs> alguien que me pueda ayudar con un paso q me hace falta para formar parte de ubuntu colombian team?
[23:48] <Manuelbrs> alguien aqui que pueda brindarme ayuda?