[12:15] <JackyAlcine> o/
[17:19] <mdeslaur> hello
[17:19] <jdstrand> hi!
[17:20] <jjohansen> here
[17:22] <jdstrand> alright, let's get started
[17:22] <jdstrand> #startmeeting
[17:22] <MootBot> Meeting started at 12:22. The chair is jdstrand.
[17:22] <MootBot> Commands Available: [TOPIC], [IDEA], [ACTION], [AGREED], [LINK], [VOTE]
[17:22]  * sbeattie waves
[17:22] <jdstrand> The meeting agenda can be found at:
[17:22] <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
[17:22] <MootBot> LINK received:  https://wiki.ubuntu.com/SecurityTeam/Meeting
[17:22] <jdstrand> [TOPIC] Review of any previous action items
[17:22] <MootBot> New Topic:  Review of any previous action items
[17:23] <jdstrand> I contacted xorg-security@ list and would be good if members of the ubuntu-security joined that list
[17:23] <jdstrand> I followed up and security@ubuntu.com should now be joined
[17:24] <sbeattie> yep
[17:24] <jdstrand> I don't think there are any other action items
[17:24] <jdstrand> [TOPIC] Weekly stand-up report
[17:24] <MootBot> New Topic:  Weekly stand-up report
[17:25] <jdstrand> kees is on holiday today. I am not sure everything he has planned, but he is triager for the week, and I noticed kernels are getting ready for publication
[17:25] <jdstrand> as for me, I'm in the happy place
[17:25] <jdstrand> I am working on several updates (libvirt, openldap and dbus-glib)
[17:26] <jdstrand> I've still not followed up on the bunch of little bugs I keep talking about, but need to do that (esp for ufw) before Thursday, which is the freeze for beta
[17:26] <jdstrand> I should be looking into Blackhat registration
[17:27] <jdstrand> as well as archive admin work for Beta
[17:27] <jdstrand> that should be it for me
[17:27] <jdstrand> mdeslaur: you're up
[17:27] <mdeslaur> I'm on happy place this week, but since kees is triager and on holiday, I'll pick up the triager role
[17:28] <mdeslaur> I'm currently working on php5 and subversion, and will pick up a couple of more things to work on this week
[17:28] <mdeslaur> That's it from me
[17:28] <jdstrand> mdeslaur: fyi, I think he'll be on at least Tue and Wed...
[17:28] <jdstrand> mdeslaur: thanks
[17:28] <jdstrand> sbeattie: you're next
[17:28] <mdeslaur> jdstrand: oh? ok...I'll triage whenever he's not here
[17:29] <sbeattie> I covered mdeslaur's triage last week, I guess I'm on community this week...
[17:29]  * jdstrand nods
[17:29] <jdstrand> I think mdeslaur updated the /topic for that
[17:30] <jdstrand> sbeattie: btw, I uploaded the security fake sync for libcgroup this morning, so you don't have to worry about that
[17:30] <sbeattie> jdstrand: cool, thanks.
[17:30] <mdeslaur> I just put whatever I thought the next rotation was, but if that's not appropriate, we can change it
[17:30] <jdstrand> that feels appropriate to me...
[17:30] <sbeattie> right, I'd thought this week was my regular triage week.
[17:30] <sbeattie> but, whatever works.
[17:31] <sbeattie> anyway, published krb5 and the armel openjdk (huzzah, finally) last week.
[17:32] <sbeattie> I pushed up an apparmor 2.6.1 release candidate this morning, and want to release the final version this week (it's a small set of fixes over 2.6.0)
[17:33] <sbeattie> In particular, mod_apparmor is broken in natty
[17:33] <sbeattie> will also submit a merge to fix for natty before beta freeze
[17:33] <jdstrand> sbeattie: are you planning to package that for natty before beta?
[17:33] <jdstrand> ah
[17:33] <jjohansen> small but important fixes
[17:34] <sbeattie> yeah
[17:34] <jdstrand> sbeattie: I fixed via non-variable the multiarch stuff so natty wasn't broken, but we should make a decision on what to do there
[17:34] <jdstrand> (as upstream)
[17:34] <jdstrand> then merge that into the update
[17:34] <sbeattie> right, I saw that, but haven't thought about it carefully.
[17:34]  * jdstrand either
[17:35] <sbeattie> anyway, I'll probably try to pick up another update this week
[17:35] <sbeattie> and I think that's it for me.
[17:36] <jdstrand> thanks
[17:36] <jdstrand> micahg: you're up
[17:36] <micahg> sorry, I apparently was thought I was here before, but wasn't
[17:37] <micahg> going through webkit CVEs, then will prepare uploads for karmic-maverick
[17:37] <micahg> guessing there will be a chromium update we need later this week...
[17:37] <jdstrand> lovely
[17:38] <micahg> we dodged 2 already :)
[17:38] <micahg> next round of mozilla updates hopefully not until Apr 19
[17:39]  * jdstrand nods
[17:39] <micahg> I'm worried about xulrunner-1.9.2 in natty since it will be unsupportable, so I might look and see what I can do there after webkit is done (probably not this week)
[17:40] <micahg> and I haven't piloted yet, so that will be sometime before the end of the month
[17:40] <micahg> I think that's it
[17:40] <jdstrand> micahg: re xul> sounds reasonable-- please coordinate/share load with chrisccoulson
[17:41] <micahg> jdstrand: will do
[17:41] <chrisccoulson> at this moment in time, i think that xul-2.0 is more unsupportable ;)
[17:41] <micahg> chrisccoulson: we need to chat about that in a bit :)
[17:41] <chrisccoulson> from the ML discussion upstream, it is only going to be supported until ff-5.0 is released
[17:41] <chrisccoulson> which will be 3 months ;)
[17:42] <chrisccoulson> or 4
[17:42] <micahg> chrisccoulson: and 1.9.2 will probably be dropped next month ;)
[17:42] <chrisccoulson> hmmm
[17:42] <jdstrand> I'll let you two duke that out outside of this meeting
[17:42] <jdstrand> :)
[17:42] <micahg> right
[17:42] <chrisccoulson> kill it
[17:42] <chrisccoulson> :-)
[17:42] <jdstrand> +1
[17:42] <chrisccoulson> i'm wasting far too much time on a load of crappy applications i never use ;)
[17:42] <jdstrand> seriously, it is turning into an internal dependency these days...
[17:43] <jdstrand> why not just embrace it :)
[17:43] <jdstrand> anyhoo
[17:43] <jdstrand> micahg: thanks
[17:43] <jdstrand> [TOPIC] Miscellaneous and Questions
[17:43] <MootBot> New Topic:  Miscellaneous and Questions
[17:44] <jdstrand> first up, self-eval part of performance reviews are due by the 25th. I ask that you have them done by the 24th if possible so I can look at them
[17:45] <jdstrand> (I need to countersign them, etc, and would rather not be trying to fix problems on friday after HR went home)
[17:46] <jdstrand> also, I wanted to mention oss-security@
[17:46] <jdstrand> I'm not sure how others are dealing with it, but I have personally not been looking at it extremely closely. I think that is wrong
[17:46] <jdstrand> esp with the demise of vsec
[17:47] <jdstrand> wrong because I noticed that mitre has been quite slow recently, and people are releasing things before CVEs are in our tracker
[17:47] <jdstrand> s/people/other distros/
[17:47] <jdstrand> so, please keep oss-security@ in mind when triager
[17:48] <jdstrand> I don't have anything else
[17:49] <jdstrand> jjohansen: is there anything you'd like to bring up for us to help with?
[17:49] <jdstrand> (or anything else)
[17:50] <jjohansen> hrmm, nothing I can think of atm
[17:50] <jdstrand> cool
[17:50] <jdstrand> I think that is a wrap then
[17:50] <jdstrand> thanks everyone!
[17:50] <jdstrand> #endmeeting
[17:50] <MootBot> Meeting finished at 12:50.
[17:50] <micahg> thanks jdstrand
[17:51] <sbeattie> thanks!
[17:52] <mdeslaur> thanks