=== freeflyi1g is now known as freeflying === Ursinha is now known as Ursinha-afk === Amaranth_ is now known as Amaranth === IdleOne is now known as MaverickOne === MaverickOne is now known as IdleOne === doko_ is now known as doko === ogra is now known as Guest34611 === Guest34611 is now known as ogra_ === jjohansen is now known as jj-afk === yofel_ is now known as yofel [12:15] o/ === chuck_ is now known as zul === Ursinha-afk is now known as Ursinha === ogra_ is now known as ogra === jj-afk is now known as jjohansen === Ursinha is now known as Ursinha-lunch === Seeker` is now known as Seeker === Seeker is now known as SeekerplusC === SeekerplusC is now known as Seeker === Seeker is now known as Seeker` === Ursinha-lunch is now known as Ursinha === dholbach_ is now known as dholbach [17:19] hello [17:19] hi! [17:20] here [17:22] alright, let's get started [17:22] #startmeeting [17:22] Meeting started at 12:22. The chair is jdstrand. [17:22] Commands Available: [TOPIC], [IDEA], [ACTION], [AGREED], [LINK], [VOTE] [17:22] * sbeattie waves [17:22] The meeting agenda can be found at: [17:22] [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting [17:22] LINK received: https://wiki.ubuntu.com/SecurityTeam/Meeting [17:22] [TOPIC] Review of any previous action items [17:22] New Topic: Review of any previous action items [17:23] I contacted xorg-security@ list and would be good if members of the ubuntu-security joined that list [17:23] I followed up and security@ubuntu.com should now be joined [17:24] yep [17:24] I don't think there are any other action items [17:24] [TOPIC] Weekly stand-up report [17:24] New Topic: Weekly stand-up report [17:25] kees is on holiday today. I am not sure everything he has planned, but he is triager for the week, and I noticed kernels are getting ready for publication [17:25] as for me, I'm in the happy place [17:25] I am working on several updates (libvirt, openldap and dbus-glib) [17:26] I've still not followed up on the bunch of little bugs I keep talking about, but need to do that (esp for ufw) before Thursday, which is the freeze for beta [17:26] I should be looking into Blackhat registration [17:27] as well as archive admin work for Beta [17:27] that should be it for me [17:27] mdeslaur: you're up [17:27] I'm on happy place this week, but since kees is triager and on holiday, I'll pick up the triager role [17:28] I'm currently working on php5 and subversion, and will pick up a couple of more things to work on this week [17:28] That's it from me [17:28] mdeslaur: fyi, I think he'll be on at least Tue and Wed... [17:28] mdeslaur: thanks [17:28] sbeattie: you're next [17:28] jdstrand: oh? ok...I'll triage whenever he's not here [17:29] I covered mdeslaur's triage last week, I guess I'm on community this week... [17:29] * jdstrand nods [17:29] I think mdeslaur updated the /topic for that [17:30] sbeattie: btw, I uploaded the security fake sync for libcgroup this morning, so you don't have to worry about that [17:30] jdstrand: cool, thanks. [17:30] I just put whatever I thought the next rotation was, but if that's not appropriate, we can change it [17:30] that feels appropriate to me... [17:30] right, I'd thought this week was my regular triage week. [17:30] but, whatever works. [17:31] anyway, published krb5 and the armel openjdk (huzzah, finally) last week. [17:32] I pushed up an apparmor 2.6.1 release candidate this morning, and want to release the final version this week (it's a small set of fixes over 2.6.0) [17:33] In particular, mod_apparmor is broken in natty [17:33] will also submit a merge to fix for natty before beta freeze [17:33] sbeattie: are you planning to package that for natty before beta? [17:33] ah [17:33] small but important fixes [17:34] yeah [17:34] sbeattie: I fixed via non-variable the multiarch stuff so natty wasn't broken, but we should make a decision on what to do there [17:34] (as upstream) [17:34] then merge that into the update [17:34] right, I saw that, but haven't thought about it carefully. [17:34] * jdstrand either [17:35] anyway, I'll probably try to pick up another update this week [17:35] and I think that's it for me. [17:36] thanks [17:36] micahg: you're up [17:36] sorry, I apparently was thought I was here before, but wasn't [17:37] going through webkit CVEs, then will prepare uploads for karmic-maverick [17:37] guessing there will be a chromium update we need later this week... [17:37] lovely [17:38] we dodged 2 already :) [17:38] next round of mozilla updates hopefully not until Apr 19 [17:39] * jdstrand nods [17:39] I'm worried about xulrunner-1.9.2 in natty since it will be unsupportable, so I might look and see what I can do there after webkit is done (probably not this week) [17:40] and I haven't piloted yet, so that will be sometime before the end of the month [17:40] I think that's it [17:40] micahg: re xul> sounds reasonable-- please coordinate/share load with chrisccoulson [17:41] jdstrand: will do [17:41] at this moment in time, i think that xul-2.0 is more unsupportable ;) [17:41] chrisccoulson: we need to chat about that in a bit :) [17:41] from the ML discussion upstream, it is only going to be supported until ff-5.0 is released [17:41] which will be 3 months ;) [17:42] or 4 [17:42] chrisccoulson: and 1.9.2 will probably be dropped next month ;) [17:42] hmmm [17:42] I'll let you two duke that out outside of this meeting [17:42] :) [17:42] right [17:42] kill it [17:42] :-) [17:42] +1 [17:42] i'm wasting far too much time on a load of crappy applications i never use ;) [17:42] seriously, it is turning into an internal dependency these days... [17:43] why not just embrace it :) [17:43] anyhoo [17:43] micahg: thanks [17:43] [TOPIC] Miscellaneous and Questions [17:43] New Topic: Miscellaneous and Questions [17:44] first up, self-eval part of performance reviews are due by the 25th. I ask that you have them done by the 24th if possible so I can look at them [17:45] (I need to countersign them, etc, and would rather not be trying to fix problems on friday after HR went home) [17:46] also, I wanted to mention oss-security@ [17:46] I'm not sure how others are dealing with it, but I have personally not been looking at it extremely closely. I think that is wrong [17:46] esp with the demise of vsec [17:47] wrong because I noticed that mitre has been quite slow recently, and people are releasing things before CVEs are in our tracker [17:47] s/people/other distros/ [17:47] so, please keep oss-security@ in mind when triager [17:48] I don't have anything else [17:49] jjohansen: is there anything you'd like to bring up for us to help with? [17:49] (or anything else) [17:50] hrmm, nothing I can think of atm [17:50] cool [17:50] I think that is a wrap then [17:50] thanks everyone! [17:50] #endmeeting [17:50] Meeting finished at 12:50. [17:50] thanks jdstrand [17:51] thanks! [17:52] thanks === chuck_ is now known as zul === chuck_ is now known as zul === chuck_ is now known as zul === chuck_ is now known as zul === Quintasan_ is now known as Quintasan === mquin_ is now known as mquin === Ursinha is now known as Ursinha-afk === Ursinha-afk is now known as Ursinha === ogra is now known as Guest27445