[13:57] <bdrung> !dmb-ping
[13:58] <bdrung> meeting in a few minutes
[13:58]  * barry waves
[14:00]  * stgraber waves
[14:00] <barry> #startmeeting
[14:00] <meetingology> barry: Error: Can't start another meeting, one is in progress.
[14:00] <barry> :(
[14:01] <barry> #endmeeting
[14:01] <stgraber> #endmeeting
[14:01] <meetingology> Meeting ended Mon Dec 17 14:01:14 2012 UTC.
[14:01] <meetingology> Minutes (wiki):        http://ubottu.com/meetingology/logs/ubuntu-meeting/2012/ubuntu-meeting.2012-12-13-19.00.moin.txt
[14:01] <meetingology> Minutes (html):        http://ubottu.com/meetingology/logs/ubuntu-meeting/2012/ubuntu-meeting.2012-12-13-19.00.html
[14:01] <stgraber> barry: there you go
[14:01] <barry> thanks stgraber
[14:01] <barry> #startmeeting
[14:01] <meetingology> Meeting started Mon Dec 17 14:01:27 2012 UTC.  The chair is barry. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
[14:01] <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired
[14:01] <barry> hello and welcome to the last ubuntu developer membership board meeting of 2012
[14:02] <tumbleweed> hi
[14:02] <bdrung> the last DMB meeting before the world will end :D
[14:02] <barry> do we have quorum today?
[14:02] <micahg> o/
[14:02] <bdrung> barry: yes
[14:03] <barry> bdrung: if we give ~mayans upload rights will that avoid doomsday?
[14:03] <Laney> hey
[14:03] <barry> #topic Review of previous action items
[14:04] <barry> micahg to document the zentyal packageset
[14:04] <bdrung> barry: they should do uploads directly to Debian and wait for their next stable release. ;)
[14:04] <micahg> nope, will do over vacation
[14:04] <barry> micahg: thanks
[14:04] <barry> micahg to ask docs people if they want to apply for a packageset
[14:04] <barry> same?
[14:04] <micahg> let's drop this, I don't remember why this is necessary ATM
[14:04] <barry> k
[14:04] <micahg> I believe the relevant people have upload rights already
[14:05] <barry> #topic Review any packageset descriptions that have been received (micahg)
[14:05] <micahg> oh, wait, now I remember
[14:05] <micahg> leave it on, I'll try to ping the relevant person over vacation
[14:05] <barry> micahg: ok
[14:05] <micahg> and try to finish the packageset descriptions as well
[14:05] <barry> cool, thanks
[14:06] <barry> #topic Lightweight process for amending PPU rights (for DDs?) (Laney)
[14:06] <Laney> yeah so
[14:06] <Laney> sometimes we grant DDs PPU for "their packages"
[14:06] <Laney> but we don't really have a way of extending this when they acquire more over time
[14:07] <Laney> I suppose we should?
[14:07] <tumbleweed> having one or two people ack it on the mailing list would work for me
[14:07] <Laney> in general we usually say that it's a good idea to make the path for DDs wanting to upload to Ubuntu as smooth as possible
[14:08] <barry> tumbleweed: +1
[14:08] <micahg> yeah, this should be fine as long as they're not migrating from not on ISO -> ISO or no rdeps to lots of rdeps
[14:08] <Laney> people on the dmb?
[14:08] <micahg> and specifically for DDs
[14:08] <bdrung> one ACK on the mailing list without any dmb member against it
[14:08] <Laney> apparently this came up before, let me find the irc log
[14:09] <Laney> 2010-11-02
[14:09] <tumbleweed> then we expect that DMB member to do some research (e.g. determine if it's the uploader's first seeded package)
[14:09] <Laney> http://irclogs.ubuntu.com/2010/11/02/%23ubuntu-meeting.html#t15:04
[14:09] <bdrung> could we extent the PPU right application to apply for package groups like we do for package sets (i apply for foo-* / i apply for my DD packages)
[14:10] <Laney> yes, that happens
[14:11] <Laney> I wouldn't say that we need to ask the TB to ack this, despite the fact that it was the TB who had ^^^ discussion
[14:11] <barry> right, these are folks who already have dd and some ubuntu upload rights, so i think a lightweight verification of ongoing good work should be sufficient
[14:11] <Laney> so it's
[14:11] <Laney>  - be a DD
[14:12] <Laney>  - have attended the DMB before and gotten some PPU
[14:12] <Laney>  - not be extending the 'impact' of the packages (or you get further questioning by email)
[14:12] <tumbleweed> sounds good
[14:13] <barry> and specifically asking for ppu on packages they are the debian maintainer of?
[14:13] <Laney> or in the team which is
[14:13] <Laney> maybe?
[14:14] <barry> yeah, i was going to ask about teams :)
[14:14] <bdrung> Laney: then they should be uploaders of these packages
[14:14] <tumbleweed> if they've been an active recent uploader of it, then team member would be ok for me
[14:14] <micahg> yeah, if it's team maintained and they are DD, they are probably expected to upload, so that seems fine (assuming the other conditions are met)
[14:14] <tumbleweed> but they should probably be an Uploader at that point...
[14:14] <Laney> not all teams manage uploaders in the same way
[14:15] <bdrung> some teams are quite big
[14:15] <tumbleweed> fair enough
[14:15] <Laney> if they're active on the package (use judgement) then it should be ok
[14:15] <Laney> look at uploads or vcs or whatever
[14:15] <bdrung> re number of packages
[14:15] <tumbleweed> at some point, for a biggish team, I'd image that packagesets start making more sense than PPU
[14:15] <barry> maybe we can just say that if laney's three criteria are met, expedited ppu *can* be provided, but still at the discretion of the dmb.  then we can more or less take it case-by-case
[14:16] <Laney> perhaps
[14:16] <Laney> action me to wikify it and mail
[14:16] <bdrung> the packages overview for Debian Multimedia Maintainers shows 369 packages, for example
[14:16] <barry> #action laney to describe criteria and process for lightweight amending of ppu rights (for dds)
[14:16] <meetingology> ACTION: laney to describe criteria and process for lightweight amending of ppu rights (for dds)
[14:17] <barry> shall we move on?
[14:17] <barry> #topic Package Sets
[14:17] <barry> none today
[14:17] <barry> #topic PerPackageUploader Applications
[14:17] <barry> roadmr: hi, are you here today?
[14:17] <roadmr> hello!
[14:18] <barry> #link https://wiki.ubuntu.com/DanielManrique/PerPackageUploadRightsApplication
[14:18] <barry> roadmr: could you introduce yourself and describe what you're applying for?
[14:18] <roadmr> Sure!
[14:18] <roadmr> Hi, I'm Daniel. I'm a hardware certification engineer at Canonical.
[14:18] <roadmr> I'm part of the team responsible for the checkbox system testing tool that ships with Ubuntu, and I usually handle preparation of the checkbox code that will go up into Ubuntu.
[14:18] <roadmr> We rely on help from sponsors to get our changes up into Ubuntu. I'd like to be able to contribute in a more effective way by handling these uploads myself.
[14:19] <roadmr> This will let me take some workload off our sponsors, work more closely with other checkbox contributors, and gaining more experience in the upload process to hopefully help sponsors with upload reviewing.
[14:19] <roadmr> Thanks!
[14:19] <roadmr> ..
[14:20] <bdrung> roadmr: is checkbox Ubuntu specific?
[14:20] <roadmr> bdrung: yes, it doesn't exist in Debian
[14:21]  * Laney is re-reading the application
[14:21] <roadmr> bdrung: It *could* potentially be made to work on Debian, it's just work we haven't done
[14:21] <bdrung> roadmr: let me rephrase my question. can checkbox only be used in Ubuntu or could it be used by other distributions for QA, too?
[14:22] <roadmr> bdrung: oh I understand now. It could be used by other distros, some work would be required
[14:22] <roadmr> bdrung: on the packaging front it may depend on packages and/or versions that may only make sense in Ubuntu
[14:23] <bdrung> roadmr: then it would be nice if checkbox would be change to a non-native format.
[14:23] <roadmr> bdrung: and some of the tests depend on packages and/or services that are default in Ubuntu but may be optional in other distros, so are not declared as explicit dependencies, without those the tests will fail
[14:23] <barry> roadmr: is there a way to make tests optional or easily disabled?
[14:24] <micahg> roadmr: depending on what they are, perhaps they should be part of the build dependencies then
[14:24] <roadmr> bdrung: we have plans for that, so that checkbox can be distributed as a source tar.gz and Ubuntu packaging be added afterwards, this would ease use by other distros - again, it's in the list of things we want to do but nothing concrete yet
[14:24] <bdrung> i see the tendency to make package native just because it should be put in Ubuntu (despite the fact that the package could be useful on other distributions)
[14:25] <roadmr> barry: yes, you can either declare which tests to run in a "runlist" (we call them whitelists), or simply remove the check mark for each test in a selection screen
[14:26] <roadmr> micahg: yes, part of the work to ensure it runs well in other distros would be having a good look at dependencies and maybe declaring them explicitly per-test (checkbox supports this, but we obviate when we know it's included by default in Ubuntu)
[14:27] <tumbleweed> roadmr: so, historically, checkbox has had some difficulty around the ubuntu release cycle
[14:27] <micahg> roadmr: right, but even in Ubuntu, you still need to declare dependencies that aren't in essential/transitive essential/build essentia;
[14:27] <tumbleweed> what is the checkbox release cycle?
[14:27] <micahg> in case it's no longer "defulat"
[14:27] <micahg> *default
[14:28] <roadmr> micahg: yes, we've been trying to be more diligent with that, we try to add essential dependencies (such as udisks)
[14:29] <roadmr> tumbleweed: we don't have a formal release cycle as such, we try to adhere to the Ubuntu release schedule as far as making big changes early in the cycle
[14:30] <roadmr> tumbleweed: one of our plans for this cycle was to come up with a decent development/release/versioning plan for checkbox
[14:30] <tumbleweed> so, there isn't really any reason that checkbox should have trouble with the ubuntu release cycle
[14:31] <tumbleweed> I seem to recall a fair number of checkbox releases post FF
[14:31] <roadmr> tumbleweed: you're right. What's happened historically is that we sometimes have new features that land in our development branch a bit late in the cycle
[14:31] <roadmr> tumbleweed: so as you noted we have to resort to requesting FFes for those features to make it into the release
[14:31] <tumbleweed> right, and I think you got almost all of them
[14:31] <tumbleweed> but it can be a slow process...
[14:32] <roadmr> tumbleweed: this is something we need to improve, we need a bit of discipline in trying to get all the changes *before* FF
[14:32] <roadmr> tumbleweed: but also within the team, being more strict so that we don't dump the need to say "no" on to the release team
[14:32] <roadmr> tumbleweed: yes, in that respect we've had a lot of support from the release team but as I said, it'd be fairer to everyone if we strive to not do those disruptive changes after FF
[14:33] <tumbleweed> now FF has been pushed back, so the chance of the release team saying no is probably higher
[14:33] <roadmr> tumbleweed: yes, OTOH we have more time to get those big changes in place :)
[14:33] <barry> with more opportunity to get the needed changes in before then <wink>
[14:33] <tumbleweed> :)
[14:34] <Laney> There are a few comments on the application wiki about sponsors being the ones who spot the need for exceptions. If you're granted PPU then there will be no sponsor firewal. Are you confident this won't be a problem?
[14:35] <roadmr> Laney: I'm a bit scared about not having the extra safety net of an sponsor, but I think that will just encourage me to be extra anal when it comes to deciding whether an exception is needed
[14:35] <Laney> Nobody likes getting a micahg nastygram on -devel :P
[14:36] <micahg> lol
[14:36] <barry> :)
[14:36] <roadmr> Laney: that scares the living daylights out of me, so yes, if in any doubt I'd ask first :) but if in doubt, I'd just go ahead and go through the exception process
[14:37] <barry> roadmr: how do you know if an exception is necessary?  what resources would you consult?
[14:37] <roadmr> barry: I usually read and reread https://wiki.ubuntu.com/FreezeExceptionProcess and look at the release schedule to see where we are
[14:38] <roadmr> barry: I've also learned to "interpret" this a bit, for instance, we did some UI-related changes which needed some code changes to back them
[14:38] <roadmr> barry: my initial intuition was that this was UIFe, since the code changes were minor, but the sponsor still felt it also needed FFe, so I ended up requesting both
[14:39] <roadmr> barry: so lesson learned, which I'll keep in mind in the future - doing both exceptions from the get-go would have saved us a few days on that one
[14:39] <barry> roadmr: for example: https://code.launchpad.net/~roadmr/ubuntu/quantal/checkbox/0.14.8/+merge/127923
[14:40] <barry> roadmr: was there a ffe bug on that one?  apulido's comment indicates an ffe was granted but no record of that was given
[14:41] <micahg> it was granted by laney in the bug
[14:41] <roadmr> barry: usually code that closes bugs should not need FFe, but this was an instance where the closed bug was actually implementing a (small) feature
[14:41] <roadmr> barry: yes, the bug was the one with the FFe (https://bugs.launchpad.net/checkbox/+bug/1060211)
[14:41] <barry> ah,cool, thanks
[14:42] <roadmr> barry: that's how we usually do it, exceptions are requested on bugs, then the merge request and candidate bug should mention those.
[14:43] <bdrung> roadmr: fixing a bug can mean fixing a crash/defect or adding a new feature (wishlist bugs)
[14:43] <bdrung> roadmr: rewriting a big portion of code to fix a bug can require a FFe too
[14:44] <roadmr> bdrung: yes, well this is an area where some discretion/judgment is needed I guess, as to how much code qualifies as "just a bug fix" as opposed to "fixing a bug by adding a new feature"
[14:45] <barry> roadmr: yes, that can be a dicey question sometimes
[14:45] <roadmr> bdrung: we wouldn't try to get wishlist bugs in without FFe, this bug we mentioned wasn't wishlist and the phrasing suggested just a hardware detection failure but, on a closer look, it did constitute a new feature
[14:46] <micahg> roadmr: I'm sure you're also aware that with checkbox being on multiple ISOs and trying to keep everything daily installable, that breakage will need to be dealt with swiftly?
[14:48] <roadmr> micahg: yes, we have quite a few people who are able to work on checkbox now, so we should be able to respond to breakage more quickly
[14:48] <roadmr> micahg: we usually notice checkbox failures during our periodic (usually at least weekly) testing
[14:49] <barry> #vote grant roadmr ppu rights to checkbox
[14:49] <meetingology> Please vote on: grant roadmr ppu rights to checkbox
[14:49] <meetingology> Public votes can be registered by saying +1, +0 or -1 in channel, (private votes don't work yet, but when they do it will be by messaging the channel followed by +1/-1/+0 to me)
[14:49] <barry> #voters bdrung, cody-somerville, Laney, micahg, barry, tumbleweed, stgraber
[14:49] <meetingology> Warning: Nick not in channel: cody-somerville
[14:49] <meetingology> Current voters: Laney barry bdrung cody-somerville micahg stgraber tumbleweed
[14:49] <barry> +1
[14:49] <meetingology> +1 received from barry
[14:49] <micahg> roadmr: right, but as the uploader, you're taking responsibility for driving and getting that fix in
[14:49] <bdrung> +1
[14:49] <meetingology> +1 received from bdrung
[14:49] <tumbleweed> +1
[14:49] <meetingology> +1 received from tumbleweed
[14:49] <Laney> +1
[14:49] <meetingology> +1 received from Laney
[14:50] <micahg> +1
[14:50] <meetingology> +1 received from micahg
[14:50] <roadmr> micahg: right, well if I'm able to do the uploads myself it actually eases things because I don't have to pester sponsors for help with the upload :)
[14:50] <stgraber> +1
[14:50] <meetingology> +1 received from stgraber
[14:51] <barry> #endvote
[14:51] <meetingology> Voting ended on: grant roadmr ppu rights to checkbox
[14:51] <meetingology> Votes for:6 Votes against:0 Abstentions:0
[14:51] <meetingology> Motion carried
[14:51] <Laney> congrats!
[14:51] <barry> congrats roadmr!
[14:51] <roadmr> \o/ awesome, thanks folks!
[14:52] <roadmr> and thanks for the thorough interview, lots of food for thought and material to review
[14:52] <barry> #topic Ubuntu Contributing Developer Applications
[14:52] <barry> none today
[14:52] <bdrung> roadmr: congrats :)
[14:52] <barry> #topic MOTU Applications
[14:52] <barry> none today
[14:52] <barry> #topic Ubuntu Core Developer Applications
[14:52] <barry> none today
[14:53] <barry> #topic next meeting
[14:53] <barry> january 7th 2013, 1900 utc
[14:53] <barry> bdrung: you're up next for chair
[14:53] <bdrung> barry: i was already
[14:53] <bdrung> (we skipped you, because you weren't there)
[14:54] <barry> oops :)
[14:54] <barry> i guess that's why i did 2 in a row for penance :)
[14:54] <barry> cody then, with backup from Laney
[14:54] <barry> #topic aob
[14:55] <barry> any other business for today?
[14:55] <Laney> haven't seen cody around much lately
[14:55] <Laney> is he still active?
[14:55] <barry> that's a good question.  i can send him an email
[14:56] <Laney> probably worth a gentle poke
[14:56] <barry> #action barry to ping cody
[14:56] <meetingology> ACTION: barry to ping cody
[14:57] <Laney> so, I guess NYE isn't going to happen :-)
[14:57] <barry> on that note...
[14:57] <Laney> ah, jan 7th
[14:57] <barry> #endmeeting
[14:57] <meetingology> Meeting ended Mon Dec 17 14:57:39 2012 UTC.
[14:57] <meetingology> Minutes (wiki):        http://ubottu.com/meetingology/logs/ubuntu-meeting/2012/ubuntu-meeting.2012-12-17-14.01.moin.txt
[14:57] <meetingology> Minutes (html):        http://ubottu.com/meetingology/logs/ubuntu-meeting/2012/ubuntu-meeting.2012-12-17-14.01.html
[14:57] <barry> thanks everyone
[14:57] <Laney> i don't remember deciding that but fine
[14:57] <Laney> merci
[14:58] <barry> Laney: yeah, we discussed at the last meeting
[14:58] <Laney> you mean the world carries on without me?
[14:58] <Laney> a devastating revalation
[14:58] <micahg> hrm, so, we're off "schedule" again with the 3 week time frame...
[14:58] <micahg> but we can discuss that elsewhere
[14:59] <micahg> thanks barry
[18:04] <mdeslaur> \o
[18:04] <jdstrand> hi!
[18:04] <sarnold> pong
[18:04] <tyhicks> Hello!
[18:04] <jdstrand> #startmeeting
[18:04] <meetingology> Meeting started Mon Dec 17 18:04:30 2012 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
[18:04] <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired
[18:04] <jdstrand> The meeting agenda can be found at:
[18:04] <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
[18:04] <jdstrand> [TOPIC] Announcements
[18:04] <jdstrand> thanks to Christian Kuersteiner (ckuerste) provided a debdiff for lucid for pgbouncer (LP: #1083414)
[18:05] <jdstrand> Your work is very much appreciated and will keep Ubuntu users secure. Great job! :)
[18:05] <jdstrand> [TOPIC] Weekly stand-up report
[18:05] <jdstrand> I'll go first
[18:05] <jdstrand> I've got a short week this week-- off Thu and Fri
[18:05] <jdstrand> I'm on community
[18:06] <jdstrand> I plan to look at an old apport/apparmor hardening update
[18:06] <jdstrand> I also hope to look at some audits and tick off various things off my todo list
[18:06] <jdstrand> mdeslaur: you're up
[18:07] <mdeslaur> I'm in the happy place this week
[18:07] <mdeslaur> I just published a few updates
[18:07] <mdeslaur> and I plan on doing some merges
[18:07] <mdeslaur> I have a short week as I'm off starting on thursday at noon
[18:07] <mdeslaur> and I'll look at some other CVEs, time permitting
[18:07] <mdeslaur> that's it from me
[18:07] <mdeslaur> sbeattie: you're up
[18:08] <sbeattie> I have a very short week this week, as I am on holiday starting tomorrow
[18:08] <sbeattie> (I'll be available and sporadically checking irc/email)
[18:09] <sbeattie> Otherwise, I'm continuing to work on apparmor display manager stuff
[18:09] <sbeattie> that's it for me. micahg?
[18:09] <mdeslaur> sbeattie: hehe, you must not have felt like getting up this morning :)
[18:10] <micahg> I've got more webkit, patch piloting, and hopefully Chromium if qengho tracks down the issues he's working on
[18:10] <micahg> that's it
[18:11] <micahg> tyhicks: ping
[18:11] <tyhicks> I'm working on an embargoed item
[18:11] <tyhicks> I'll be working on the apparmor kernel policy interface work item, as well
[18:12] <tyhicks> I should also take a look at the outstanding eCryptfs kernel patches sent to me recently since the kernel merge window will close this week
[18:12] <tyhicks> I'm working all week
[18:12] <tyhicks> that's it for me
[18:12] <tyhicks> jjohansen: you're up
[18:13] <doko> sarnold, fyi, the one issue that the gcc trunk build was broken with ssp is now fixed
[18:13] <sarnold> doko: excellent, thank you :)
[18:14] <jdstrand> jj isn't here
[18:14] <doko> now reenabling again format security
[18:14] <jdstrand> sarnold: you're up
[18:14] <sbeattie> doko: \o/
[18:14] <tyhicks> oh yeah, sorry
[18:14] <sarnold> I'm on triage this week
[18:14] <jdstrand> I think he is working on getting 2.8 alpha together and the base labeling patches done before the break
[18:15] <jdstrand> (he should be here most of the week as well)
[18:15]  * jdstrand is done
[18:15] <jdstrand> sarnold: sorry
[18:16] <sarnold> I've been reading and re-reading the bugzilla report from dwmw2 and trying to re-create the problem on my laptop
[18:16] <sarnold> I'd like to recreate the problem in a way that leads to reproducers that could be added to QRT
[18:17] <jdstrand> sarnold: is that a gcc thing?
[18:17] <sarnold> (dwmw2's configuration is _highly_ specific to his use, and isn't easy to recreate... I've found that the dnsmasq spawned by juju seems ideal at showing the problem...)
[18:17] <jdstrand> ah, dnsmasq
[18:17] <sarnold> jdstrand: ah, no, sorry, dnsmasq
[18:18] <sarnold> I'm currently poking at using the 'dummy' interfaces because the ethernet aliases don't have the correct 'bind to interface' properties that a 'real' interface would have, and I want them separate from my physical interfaces...
[18:19] <sarnold> I think I'm going to be using tcpdump, tcprewrite, and tcpreplay to fiddle with the packets, though I'm not 100% confident that tcpreplay will let me send to a 'wrong' ip for a given interface.
[18:20] <sarnold> the patch itself is surprisingly small for the effort though; I feel like dnsmasq is important enough to get right to put in this time, but wouldn't mind be persuaded to just do the update.
[18:20] <jdstrand> sarnold: hmm, you might check out scapy
[18:21] <sbeattie> sarnold: hrm, is this something where testing in a multi-interfaced vm would make more sense?
[18:21] <sarnold> sbeattie: ah, it could.
[18:21] <mdeslaur> sarnold: you can look at the instructions for quagga for examples on multi-vm testing instructions
[18:22] <sarnold> I was hoping to stick with dummy just so that it would be easier to put into qrt tests -- something that could be configured and run entirely on one host, you know?
[18:22] <mdeslaur> sarnold: or isc-dhcp
[18:22] <sarnold> mdeslaur: cool, thanks. :)
[18:23] <jdstrand> sarnold: one host is definitely nice. there are some tests scripts (libvirt, krb5, openldap (iirc)) that can be given an extra argument to connect to another server
[18:24] <jdstrand> which is a totally acceptable fallback
[18:25] <jdstrand> sarnold: do you have more to report?
[18:25] <sarnold> jdstrand: no, that's it. thanks.
[18:25] <jdstrand> [TOPIC] Highlighted packages
[18:25] <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
[18:25] <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
[18:25] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/ircd-ratbox.html
[18:25] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/dracut.html
[18:25] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/xymon.html
[18:25] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/libapache2-mod-auth-openid.html
[18:26] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/pnp4nagios.html
[18:26] <jdstrand> [TOPIC] Miscellaneous and Questions
[18:26] <jdstrand> Does anyone have any other questions or items to discuss?
[18:28] <jdstrand> mdeslaur, sbeattie, micahg, tyhicks, sarnold: thanks!
[18:28] <jdstrand> #endmeeting
[18:28] <meetingology> Meeting ended Mon Dec 17 18:28:14 2012 UTC.
[18:28] <meetingology> Minutes (wiki):        http://ubottu.com/meetingology/logs/ubuntu-meeting/2012/ubuntu-meeting.2012-12-17-18.04.moin.txt
[18:28] <meetingology> Minutes (html):        http://ubottu.com/meetingology/logs/ubuntu-meeting/2012/ubuntu-meeting.2012-12-17-18.04.html
[18:28] <tyhicks> thanks!
[18:28] <mdeslaur> thanks jdstrand
[18:28] <sbeattie> jdstrand: thanks!
[18:28] <sarnold> thanks jdstrand :)
[18:30] <micahg> thanks jdstrand
[18:33] <doko> sarnold, sbeattie, no, the format-security issue is still thre
[18:33] <doko> there
[18:37] <sbeattie> doko: oh, okay.