[18:25] <jdstrand> hi
[18:25] <jdstrand> sorry we are a bit late
[18:25] <tyhicks> hello
[18:25] <mdeslaur> \o
[18:25] <sarnold> hello
[18:25]  * sbeattie waves
[18:25] <jdstrand> #startmeeting
[18:25] <meetingology> Meeting started Mon Jan 14 18:25:46 2013 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
[18:25] <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired
[18:26] <jdstrand> The meeting agenda can be found at:
[18:26] <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
[18:26] <jdstrand> [TOPIC] Announcements
[18:26] <jdstrand> Thanks to the following individuals who provided security for Ubuntu:
[18:27] <jdstrand> Stefan Bader (smb) provided debdiffs for oneiric-quantal for xen
[18:27] <jdstrand> Chad Miller (chad) for getting chromium-browser up to 23.0.1271.97 for lucid-quantal
[18:27] <jdstrand> Benjamin Drung (bdrung) provided an update for precise and quantal for vlc (LP: #1084054)
[18:27] <jdstrand> Christian Kuersteiner (ckuerste) provided a debdiff for precise for xymon (LP: #1092412)
[18:27] <jdstrand> Your work is very much appreciated and will keep Ubuntu users secure. Great job! :)
[18:27] <jdstrand> [TOPIC] Weekly stand-up report
[18:27] <jdstrand> I'll go first
[18:27] <jdstrand> I'm on triage today
[18:28] <jdstrand> rather, this week
[18:29] <jdstrand> I planned to get nss out last week, but was unable. I need to do new upstream releases for nss and nspr for this update, and I spent last week preparing those
[18:29] <jdstrand> that should go out today or tomorrow
[18:29] <jdstrand> chromium-browser (as mentioned) is now at 23.0.1271.97 for the stable releases, but upstream releases 24 last week, so I'll be sponsoring/testing that as well
[18:30] <mdeslaur> ±o/
[18:30] <mdeslaur> argh
[18:30] <mdeslaur> \o/
[18:30] <jdstrand> I'm going to look at the recent java issue some more
[18:31] <jdstrand> and I need to patch pilot
[18:31] <jdstrand> mdeslaur: you're up
[18:31] <mdeslaur> I'm on community this week
[18:31] <mdeslaur> I've just released a couple of security updates, and will pick some more off the list
[18:32] <mdeslaur> and that's pretty much it. sbeattie, you're up
[18:32] <sbeattie> I'm again an apparmor monkey this week
[18:33] <sbeattie> My primary focus is on getting the display manager prototype going
[18:33] <sbeattie> I'm not sure where jjohansen is on getting the alpha out the door, but may pitch in to help on that after getting 2.8.1 out last week.
[18:34] <sbeattie> I'll also poke at the random things that have popped up on the list.
[18:34] <sbeattie> that's it for me. tyhicks?
[18:34] <tyhicks> Similar to last week. Embargoed item and apparmor policy kernel interface.
[18:34] <tyhicks> That's it for me. Back to you, jdstrand
[18:35] <jdstrand> actually, we skipped sarnold
[18:35] <jdstrand> sarnold: you're up
[18:35] <mdeslaur> who's sarnold?
[18:35] <tyhicks> sorry, sarnold :)
[18:35] <mdeslaur> :)
[18:35] <sarnold> I'm in happy place this week, hoping to make forward progress on dnsmasq update, now using mdeslaur's suggestion for VM with two NICs, will combine with jdstrand's suggestion to use two VMs rather than do the testing via my host...
[18:36] <sarnold> .. but if I have more trouble reproducing the reporter's situation, I'll be leaning towards just regression testing.
[18:37] <mdeslaur> sarnold: sounds reasonable
[18:37] <sarnold> (I'm thinking end-of-the-day today as the decision point...)
[18:37] <sarnold> jdstrand: back to you
[18:38] <mdeslaur> sarnold: you can get one of us to review your changes too, as a sanity check/second opinion since it affects an important package
[18:38] <sarnold> mdeslaur: thanks :)
[18:38] <jdstrand> [TOPIC] Highlighted packages
[18:38] <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
[18:38] <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
[18:39] <jdstrand> Normally we provide a list of 5 packages. However, this week I'd like to ask for help on updating the recent raills vulnerabilities:
[18:39] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-0156.html
[18:39] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-0155.html
[18:40] <jdstrand> [TOPIC] Miscellaneous and Questions
[18:40] <jdstrand> Does anyone have any other questions or items to discuss?
[18:43] <jdstrand> mdeslaur, sbeattie, tyhicks, sarnold: thanks!
[18:43] <jdstrand> #endmeeting
[18:43] <meetingology> Meeting ended Mon Jan 14 18:43:36 2013 UTC.
[18:43] <meetingology> Minutes (wiki):        http://ubottu.com/meetingology/logs/ubuntu-meeting/2013/ubuntu-meeting.2013-01-14-18.25.moin.txt
[18:43] <meetingology> Minutes (html):        http://ubottu.com/meetingology/logs/ubuntu-meeting/2013/ubuntu-meeting.2013-01-14-18.25.html
[18:43] <sarnold> thanks jdstrand :)
[18:43] <mdeslaur> thanks jdstrand!
[18:43] <tyhicks> thanks!
[18:43] <sbeattie> thanks jdstrand