=== JoseeAntonioR is now known as Guest41415 === Guest41415 is now known as JoseeAntonioR === fenris is now known as Guest69384 === doko__ is now known as doko === lhavelund is now known as MenZa === MenZa is now known as lhavelund === mmrazik is now known as mmrazik|afk === cking_ is now known as cking === mmrazik|afk is now known as mmrazik === ogra-cb__ is now known as ogra-cb === lamont` is now known as lamont === greyback is now known as greyback|lunch === lan3y is now known as Laney === davmor2_ is now known as davmor2 === Quintasan_ is now known as Quintasan === Tonio_ is now known as Tonio_aw === Tonio_aw is now known as Tonio_ === Myrtti_ is now known as Myrtti === Tonio_ is now known as Tonio_aw === Tonio_aw is now known as Tonio_ === smoser` is now known as smoser === LordOfTime is now known as TheLordOfTime [18:04] hi! [18:04] Hello [18:04] hello [18:04] #startmeeting [18:04] Meeting started Mon Nov 26 18:04:33 2012 UTC. The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology. [18:04] Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired [18:04] The meeting agenda can be found at: [18:04] [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting [18:04] [TOPIC] Weekly stand-up report === meetingology changed the topic of #ubuntu-meeting to: Weekly stand-up report [18:04] I'll go first [18:05] I'm on community this week. thanks mdeslaur for covering for my at the end of last week [18:05] np, yw [18:05] I have a lynx-cur update I hope to push out this week and an embargoed issue [18:06] I also should be finishing my secure boot db/dbx updates package and work items for secure boot this week [18:06] I have patch piloting duties as well [18:06] there are also some MIR audits to attend to. I'll probably pull in sarnold to help with some of those as well [18:06] mdeslaur: you're up [18:07] I'm in the happy place this week [18:07] I'm currently publishing libssh updates [18:07] and will continue going down the never-ending CVE list [18:07] that's about it from me [18:07] sbeattie: you're up [18:07] we're like the postoffice [18:07] yes, hopefully with less automatic weapons [18:07] that said, we are in really good shape lately [18:08] I'm once again an apparmor monkey boy this week [18:08] better than we've been in a long time [18:08] heh [18:09] I'm still working on getting the prototype display manager patch into a state where we can start to play with it, and see what mediation abstractions fall out of it. [18:09] I'm also still trying to review jjohansen's patch bombs as well as clear out other miscellaneous apparmor stuff. [18:09] that's it for me. [18:09] micahg: you're up. [18:10] trying to drive the webkit stable update to completion and trying to get some fresh chromium updates as well [18:11] will also be keeping an eye out for mozilla point releases if they come along [18:11] tyhicks: you're up [18:12] I'm wrapping up my work for the ecryptfs-utils SRU this morning [18:12] Then I'll be looking at the dbus patches for apparmor to determine why I'm not able to mediate messages [18:13] Then, I'll be working more on the dbus prototype [18:13] That's it [18:13] jjohansen: you're up [18:13] I will be fixing a couple known bugs in last weeks apparmor patch bomb, and finishing up the changes to the base labeling patches so I can drop another patch bomb this week [18:14] I think that is it from /me sarnold your up [18:14] I'm still working on the perl updates; the old packaging system and I didn't get along very well, but I think we've come to an understanding. [18:15] I've written tests for three of the CVEs in qrt; I want to take another look at them today and make sure they look reasonable before pushing [18:15] sarnold: have you agreed to disagree? [18:15] mdeslaur: yes. [18:15] hehe [18:15] mdeslaur: and we're hoping that hardy and lucid go EOL before another perl update. :) [18:16] hehe :) [18:16] .. but since that never quite happens, I'll try to write up some notes on what I found, so the next time I need it, they'll be there. [18:17] I've also got to take a closer look at some qemu patches hallyn asked for our review of... [18:17] .. and doko asked us to investigate some issues, I'll find out their status [18:17] s/issues/gcc issues/ [18:17] sarnold: ok, you can put your notes in $qrt/build_testing [18:18] mdeslaur: hrm, I thought there was a different path for the patching-and-building notes... [18:18] (or notes_testing/ - the distinction has grown extremely blurry-- we might consider merging them) [18:19] yeah, I'm always confused which is which [18:19] traditionally build_testing/ has been notes on how to get you results/ [18:19] whereas notes_testing/ is the catch-all. I've probably not followed that myself-- it is a very fine hair [18:19] uhoh, we lost the meeting bot. [18:20] anyhoo [18:20] I think that's it for me, jdstrand? [18:20] sarnold: did you have anything else to report? [18:20] cool [18:20] [TOPIC] Highlighted packages [18:20] The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. [18:21] See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. [18:21] http://people.canonical.com/~ubuntu-security/cve/pkg/mahara.html [18:21] http://people.canonical.com/~ubuntu-security/cve/pkg/osc.html [18:21] http://people.canonical.com/~ubuntu-security/cve/pkg/libsmi.html [18:21] http://people.canonical.com/~ubuntu-security/cve/pkg/icecast2.html [18:21] http://people.canonical.com/~ubuntu-security/cve/pkg/wv2.html [18:21] [TOPIC] Miscellaneous and Questions [18:21] Does anyone have any other questions or items to discuss? [18:29] #endmeeting [18:29] mdeslaur, sbeattie, micahg, tyhicks, jjohansen, sarnold: thanks! [18:29] thanks jdstrand [18:30] thanks jdstrand :) [18:30] jdstrand: thanks [18:31] thanks jdstrand! [18:31] jdstrand: thanks! === yofel_ is now known as yofel === LordOfTime is now known as TheLordOfTime === lifeless_ is now known as lifeless [21:00] hello [21:01] cjwatson, kees, soren, stgraber, mdz: TB meeting? [21:02] Here [21:02] We had an empty agenda when I looked earlier today, though [21:02] yeah, the only thing that catches my eye is the brainstorm review [21:03] nothing techboard-ish in my mailbox apparently [21:03] * stgraber waves [21:05] so for the brainstorm review, do you guys have some opinion whether we should continue this? [21:05] from the last cycles that we actually did do, I found it moderately helpful [21:05] pitti, hi [21:05] Well, I still think it's a good thing for us to do, but it's beginning to seem like a lost cause [21:05] but it seems to help less and less, with design being more institutionalized [21:05] I (still) think it is better to discontinue it explicitly than to allow it to be in limbo like this [21:06] I volunteer for doing this round, if we want to try another one [21:06] I think the last one was kind of started, but then just silently died [21:06] Mm, I found the non-design bits of the review I did more productive than the design bits [21:07] right, the part that I found useful was the reality check [21:07] in my last round I found that the majority of cases that users voted up were actually being handled already, but there were some gems which warranted a closer look [21:08] so, unless you guys have a strong opinion to close the lid on that one (doesn't seem so), I'll just have a go at it? [21:08] * soren wanders in [21:09] I don't see why you shouldn't have a go at it if you're keen [21:09] ok, I'll add it as an action item them [21:09] But on the principle of setting achievable targets, it doesn't seem that it's a sensible thing for the TB to set itself, given that we generally seem to fail at it [21:10] pitti: I found it extremely difficult to figure out who I should assign each of the items to. Perhaps you, being more in touch with things than I, will do a better job. [21:11] soren: I was mostly asking appropriate people and TLs on IRC back then [21:11] That's the thing. I hardly even know who the TLs and "appropriate people" are these days. [21:11] of course I know the desktop guys, but e. g. for server and kernel I asked Daviey and ogasawara about "who would be suitable to have a look at this" [21:12] Is https://wiki.ubuntu.com/Teams not up to date? [21:12] right, so maybe I'll have more luck; still depends on people actually responding [21:12] cjwatson: Gosh. I didn't even know about that page :( [21:12] It's the third link in the body text off the front page :) [21:12] Mind you OMG horrible colours [21:12] (Can anyone actually read the contents of the "Team Name" column?) [21:13] the shape looks quite LCARish, just wrong colors [21:13] yeah, I can read it well, but it doesn't look that good [21:13] cjwatson: Yeah, it's not too bad for me. [21:13] cjwatson: Could be better for sure, but it's readable. [21:13] pitti: LCAR> I had to look that up :) [21:13] anyway, there are 0 community bugs and (from what I can see) zero pending ML issues, so that's it? [21:13] cjwatson: LCARS, sorry [21:16] https://wiki.ubuntu.com/TechnicalBoardAgenda updated for next meeting and that action item [21:16] cjwatson, soren, mdz, stgraber: anything else from you? [21:17] I have nothing else [21:17] Nope. [21:17] then good night everyone! [21:18] nope [21:18] o/