[13:14] <italy> :)
[18:00] <jdstrand> hi!
[18:00] <tyhicks> Hello
[18:00] <mdeslaur> \o
[18:00] <jdstrand> #startmeeting
[18:00] <meetingology> Meeting started Mon Jan 28 18:00:31 2013 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
[18:00] <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired
[18:00] <jdstrand> nice to start on time today :)
[18:00] <jdstrand> The meeting agenda can be found at:
[18:00] <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
[18:00] <jdstrand> [TOPIC] Announcements
[18:01] <jdstrand> Christian Kuersteiner (ckuerste) provided debdiffs for lucid-oneiric for xymon (LP: #1092412)
[18:01] <jdstrand> Christian Kuersteiner (ckuerste) provided debdiffs for quantal for ruby-actionpack-3.2 (LP: #1100188)
[18:01] <jdstrand> Christian Kuersteiner (ckuerste) provided debdiffs for quantal for ruby-activerecord-3.2 (LP: #1100188)
[18:02] <jdstrand> thanks to ckuerste for his help on security updates for these community supported packages. Your work is very much appreciated and will keep Ubuntu users secure. Great job! :)
[18:02] <jdstrand> [TOPIC] Weekly stand-up report
[18:02] <jdstrand> I'll go first
[18:03] <jdstrand> last week I was community and I patch piloted
[18:03] <jdstrand> this week I've got a chromium-browser upload to sponsor/test
[18:03] <jdstrand> and two embargoed issues
[18:04] <jdstrand> I'd like to take another look at our blueprints as well
[18:04] <jdstrand> I plan to finish a couple of outstanding audits as well
[18:04] <jdstrand> mdeslaur: you're up
[18:04] <mdeslaur> I just published a couple of USNs
[18:04] <mdeslaur> and I have something embargoed to look at
[18:04] <mdeslaur> and then will continue going down the CVE list
[18:04] <mdeslaur> I'm on triage this week too
[18:05] <mdeslaur> that's it, sbeattie you're up
[18:05] <sbeattie> I'm still focused on apparmor this week, specifically the display manager mediation prototype.
[18:06] <sbeattie> that's prettymuch it for me. tyhicks?
[18:06] <tyhicks> I'm working on an embargoed item
[18:07] <tyhicks> I also need to upload new dbus and linux packages to the dbus-dev PPA for some patches that'll allow dbus to detect if apparmor supports dbus rules
[18:07] <tyhicks> Then I'll (re)start work on the AppArmor kernel policy interface workitem
[18:07] <tyhicks> That's it for me
[18:07] <tyhicks> jjohansen: you'r eup
[18:09]  * jjohansen is working on the apparmor label and stacking code again, and we should see a new patchset this week. Currently I am chasing down a refcounting bug that is causing oopses
[18:10] <jjohansen> after the new patchset gets pushed, /me will be moving on to env var filtering
[18:10] <mdeslaur> \o/
[18:10] <jdstrand> \o/
[18:11] <jjohansen> sarnold: I think your up next
[18:11] <sarnold> the dnsmasq patchset just kept growing, I handed off a braindump and four debdiffs to mdeslaur last week, it's a bit annoying to feel defeated by an update, but it's nice to look forward to something more approachable this week :)
[18:12] <mdeslaur> sarnold: hehe, don't worry about that :)
[18:12] <sarnold> this week I'm working on an update for squid and reviewing jjohansen's patches
[18:12] <sarnold> I'm also on community :)
[18:12] <sarnold> jdstrand: your turn :)
[18:12] <mdeslaur> sarnold: cool. Squid is your priority this week.
[18:13] <sarnold> mdeslaur: thanks
[18:13] <mdeslaur> sarnold: I'd like to see squid published on thursday
[18:13] <mdeslaur> sarnold: and if you still need testing, it can get pushed back to monday
[18:14] <mdeslaur> sarnold: is that reasonable?
[18:14] <sarnold> mdeslaur: I think so
[18:14] <mdeslaur> sarnold: cool, thanks
[18:15] <jdstrand> [TOPIC] Highlighted packages
[18:15] <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
[18:15] <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
[18:16] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/mathopd.html
[18:16] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/elinks.html
[18:16] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/openarena.html
[18:16] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/libsmi.html
[18:16] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/geshi.html
[18:16] <jdstrand> Also, there are a lot of merge opportunities for packages listed in http://people.canonical.com/~ubuntu-security/d2u/. Performing these updates is a great way to help Ubuntu and bolster your developer application.
[18:17] <jdstrand> [TOPIC] Miscellaneous and Questions
[18:17] <jdstrand> Does anyone have any other questions or items to discuss?
[18:23] <jdstrand> mdeslaur, sbeattie, tyhicks, jjohansen, sarnold: thanks!
[18:23] <jdstrand> #endmeeting
[18:23] <meetingology> Meeting ended Mon Jan 28 18:23:39 2013 UTC.
[18:23] <meetingology> Minutes (wiki):        http://ubottu.com/meetingology/logs/ubuntu-meeting/2013/ubuntu-meeting.2013-01-28-18.00.moin.txt
[18:23] <meetingology> Minutes (html):        http://ubottu.com/meetingology/logs/ubuntu-meeting/2013/ubuntu-meeting.2013-01-28-18.00.html
[18:23] <jjohansen> thanks jdstrand
[18:23] <sarnold> thanks jjohansen
[18:23] <tyhicks> thanks!
[18:23] <mdeslaur> thanks jdstrand!
[18:23] <sarnold> hehe
[18:23] <sarnold> thanks jdstrand :)
[18:23] <jjohansen> haha
[18:24] <jdstrand> :)
[18:24] <sbeattie> thanks jdstrand
[19:05] <tumbleweed> !dmb-ping
[19:06]  * barry waves
[19:06]  * stgraber waves
[19:07]  * micahg is here, but might lag
[19:07] <tumbleweed> I think that makes us mostly quorate
[19:07] <tumbleweed> #startmeeting Developer Membership Board Meeting
[19:07] <meetingology> Meeting started Mon Jan 28 19:07:30 2013 UTC.  The chair is tumbleweed. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
[19:07] <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired
[19:07] <tumbleweed> #topic Review Previous Action Items
[19:08] <tumbleweed> * DMB members to read proposal for lightweight amending of ppu rights (for dds) and be prepared to vote next meeting on next action.
[19:08]  * bdrung arrives.
[19:08] <tumbleweed> bdrung: don't you want to take over? :)
[19:08] <tumbleweed> #chair bdrung
[19:08] <meetingology> Current chairs: bdrung tumbleweed
[19:09] <bdrung> tumbleweed: nope :p
[19:09] <tumbleweed> aww
[19:09]  * bdrung needs to mentally arrive.
[19:09] <stgraber> oops, forgot to read the proposal before the meeting, just did that now though ;)
[19:09]  * tumbleweed digs through e-mail to find it
[19:10] <stgraber> http://people.ubuntu.com/~laney/dynamic-ppu-procedure.txt
[19:12] <tumbleweed> do we want to vote on adopting this?
[19:12] <stgraber> I think so, yes.
[19:12] <bdrung> yes
[19:12] <tumbleweed> #vote Adoption of Dynampic PPU Procedure
[19:12] <meetingology> Please vote on: Adoption of Dynampic PPU Procedure
[19:12] <meetingology> Public votes can be registered by saying +1, +0 or -1 in channel, (private votes don't work yet, but when they do it will be by messaging the channel followed by +1/-1/+0 to me)
[19:12] <bdrung> +1
[19:12] <meetingology> +1 received from bdrung
[19:12] <tumbleweed> +1
[19:12] <meetingology> +1 received from tumbleweed
[19:13] <barry> +1
[19:13] <meetingology> +1 received from barry
[19:13] <micahg> +1
[19:13] <meetingology> +1 received from micahg
[19:13] <stgraber> +1
[19:13] <meetingology> +1 received from stgraber
[19:13] <tumbleweed> #endvote
[19:13] <meetingology> Voting ended on: Adoption of Dynampic PPU Procedure
[19:13] <meetingology> Votes for:5 Votes against:0 Abstentions:0
[19:13] <meetingology> Motion carried
[19:13] <tumbleweed> Great, adopted
[19:14] <tumbleweed> #action laney to publish that somewhere
[19:14] <meetingology> ACTION: laney to publish that somewhere
[19:14] <tumbleweed> #subtopic DMB to sort out re-election stuff.
[19:14] <tumbleweed> who is driving this election? micahg?
[19:14] <micahg> I guess I am
[19:15] <tumbleweed> ok. Anything we need to discuss?
[19:15] <barry> well, voting is supposed to start today
[19:15] <micahg> nothing in public that I"m aware of, save that it will probably be a 10-12 day voting period, is that ok?
[19:15] <barry> lasting until 11-feb
[19:15] <bdrung> don't we discuss the nominees?
[19:16] <micahg> in public?
[19:16] <barry> (according to the laney's announcement)
[19:16] <bdrung> just confirm who is on the list
[19:17] <tumbleweed> I don't see a major problem with a 10-12 day voting period
[19:17] <micahg> bdrung: I don't think so, but we'll discuss amongst ourselves
[19:17] <tumbleweed> but would prefer it if we could start it tomorrow, and end it on midnight 10-11th (or something like that)
[19:17] <micahg> yeah, that's what I would like to do as well
[19:18] <tumbleweed> ok, cracking on
[19:18] <tumbleweed> #topic Review any packageset descriptions that have been received (micahg)
[19:18] <tumbleweed> lol
[19:18] <tumbleweed> (I assume there are none)
[19:19] <micahg> no, I do have to finish that...
[19:19] <tumbleweed> #topic Aron Xu's application for upload rights to im-config and other pkg-ime packages
[19:20] <tumbleweed> but he doesn't appear to be here
[19:20] <tumbleweed> poked on IRC
[19:20]  * barry could have sworn we had two applications today
[19:21] <micahg> umm, it would be an odd time for him
[19:21] <tumbleweed> barry: did you get any reply to your mail to him about the meeting slot?
[19:22] <bdrung> barry: Paul Gevers moved his application to the March 25, 2013 meeting
[19:22] <happyaron> Hi
[19:22] <tumbleweed> happyaron: hi
[19:22] <barry> happyaron: hi!
[19:22] <tumbleweed> sorry, should have pinged you earlier
[19:23] <tumbleweed> would you care to introduce your application?
[19:23] <happyaron> it's my mistake to not getting the time right...
[19:23] <tumbleweed> this probably should have been a 14:00 UTC meeting, wasn't the last one 19:00?
[19:23] <happyaron> okay, let me introduce.
[19:23] <micahg> tumbleweed: I commented as such, but was told I was wrong :)
[19:24]  * barry was confused by that this morning too
[19:24]  * stgraber too
[19:24] <tumbleweed> ok, back to happyaron
[19:25] <happyaron> well, it was because input method support isn't very well in Ubuntu, and I'm currently one of the most active person on it in Debian. Advised by Daniel a year before, I decided to apply for PPU recently, to work more directly in Ubuntu to make sure more people get benefited from my work.
[19:26] <happyaron> Input method is something very important for its users (like me), and it's not that easy to get the point for people who don't use it.
[19:27] <tumbleweed> thanks happyaron
[19:28] <tumbleweed> micahg: you have a qustion?
[19:28] <micahg> happyaron: are you asking for PPU for all IME packages or just a subset?
[19:28] <micahg> err..all pkg-ime packages
[19:28] <happyaron> yup
[19:29] <happyaron> plus im-config
[19:29]  * tumbleweed wonders why im-config isn't in pkg-ime
[19:29] <bdrung> happyaron: which input method do you use and which language do you write?
[19:29] <happyaron> tumbleweed: because there are people don't like pkg-ime, like most Japanese maintainers.
[19:30] <happyaron> bdrung: I used SCIM for three years before IBUS, and IBus for two years before switching to Fcitx, and Fcitx for two years till now.
[19:30] <happyaron> bdrung: I'm a native speaker of Chinese Mandarin.
[19:32] <micahg> happyaron: in your various sponsored uploads to Ubuntu, have you had any interaction with the release team and/or the release process, including freezes?
[19:35] <happyaron> micahg: yes but not very much in deep freeze. Ubuntu used to upload cutting-edge IBus to its archive with unstable features pushed out by RH, and it's embarrassing in a freeze. Actually some versions of IBus are quite stable, and most of my work is to persuade people sync or not sync a version of the software at some points of the release.
[19:36] <micahg> happyaron: right, I'm interested in that sync or not sync part :)
[19:36] <happyaron> For fcitx, I coordinate the release with upstream to make sure the version we want to have in Ubuntu just-in-time for FFe.
[19:38] <happyaron> micahg: Looking at the version of IBus in previous Ubuntu releases, some of them are shipt with ibus 1.x.99999 version, which is a beta version of ibus 1.(x+1).
[19:39] <happyaron> At that time I was usually pushed by local users to communicate with upstream about the issue, and then try to apply as many as patches that upstream/me consider suitable.
[19:40] <micahg> happyaron: so, if you had the choice, would you prefer the beta or the old stable?
[19:40] <happyaron> micahg: old stable
[19:41] <tumbleweed> happyaron: I'm interested in why you are applying for uplaod rights to im-config, which you've never uploaded in either Debian or Ubuntu?
[19:41] <happyaron> even beta has many more long waited features, it doesn't worth to make it unstable. If it doesn't work for a user, it's just like you don't have a keyboard when using a PC.
[19:42] <happyaron> tumbleweed: Actually I've started working on im-switch/im-config for more than a year, but Osamu would like to have every patch pass his eyes, so I leave all the final decisions to him.
[19:42] <tumbleweed> ah
[19:42] <tumbleweed> so, what are you intending to do with the upload rights? sync after Debian Import Freeze?
[19:44]  * tumbleweed is interested to see that ibus has never had an SRU - so either we are shipping fairly stable releases, or nobody is fixing the problems in it :)
[19:44] <happyaron> tumbleweed: partially, added intention is about making sure that I can get SRU easily.
[19:45] <happyaron> because the beta version ibus doesn't worth the work for SRU
[19:45] <happyaron> If you want to fix critical bugs, SRU to a stable version is the best choice. Another reason is the indicator patches.
[19:47] <tumbleweed> it sounds like the best way to represent the pkg-ime packages is as a packageset
[19:47] <happyaron> During every release cycle, there must be someone porting the indicator patches to new version of ibus and/or indicator, there is no such interest in the community to work on those stuff - which are very probably needs re-do in next release
[19:48] <tumbleweed> happyaron: right
[19:48] <happyaron> I was advised to apply for a team, but I think I need to get used to everything first before doing in that way, :-)
[19:49] <stgraber> happyaron: so, let's say that a new upstream release of im-config is released on the 12nd of March and that it contains critical fixes you want to see in Ubuntu. What would you do (please note the date, it's important)?
[19:50] <happyaron> stgraber: it still depends on how big is the changes and how it's important.
[19:50] <stgraber> happyaron: "critical fixes you want to see in Ubuntu"
[19:52] <happyaron> stgraber: it's ambiguous for me actually, I'm a DD with experience of nearly two Debian releases already (say Wheezy for 2nd). If it was a simple fix up for a stupid error, then worth to discuss with release team, if the changes is bigger then just wait for next release. It's better to have known problems than introducing new ones.
[19:55] <stgraber> happyaron: ok. In this particular case, the 12nd of March is after FeatureFreeze, so you can't upload anything that contains more than bugfixes without a freeze exception. Additionnaly, the 13th is the beta1 release for some flavours, so you'd want to contact those too to check if they're interested in the fix.
[19:55] <stgraber> happyaron: do you know where you can find information about those dates? (FeatureFreeze, beta1, ...)
[19:55] <happyaron> ReleaseSchedule
[19:55] <stgraber> good
[19:55] <stgraber> happyaron: are you subscribed to ubuntu-devel-announce?
[19:56] <happyaron> Already for years.
[19:57] <stgraber> also note (with my release team member hat on) that we don't need any freeze exception or really anyone contacting us for bugfix uploads. That documentation and dialog is only required if the upload will cause feature change.
[19:57] <bdrung> happyaron: the freeze in Debian is different than the freeze in Ubuntu. We have a _feature_ freeze in Ubuntu. So bug fixes are allowed.
[19:57] <micahg> happyaron: also, please keep in mind that the release criteria in Ubuntu and Debian are different, in that if you have a good case, you might be able to get a new upstream version in
[19:58] <stgraber> Though for bugfix uploads, you should still make sure the archive isn't in some kind of freeze (full or partial) due to a milestone coming up. In those case, it's recommended to poke #ubuntu-release even for bugfixes (for any seeded package)
[19:58] <stgraber> happyaron: do you know how to check if a package is seeded (on a media that we ship)?
[19:58] <happyaron> bdrung: I know that, but what I did perviously were usually submitting FFe for those crashing stuff, unfortunately.
[19:58] <happyaron> stgraber: there is a bzr branch
[19:59] <happyaron> micahg: I see, that's what FFe for.
[19:59] <micahg> yeah
[19:59] <stgraber> happyaron: yeah, but the bzr branch makes it really difficult to know what's actually seeded because it doesn't contain the dependencies/build-dependencies of those packages
[19:59] <stgraber> happyaron: instead we have a "seeded-in-ubuntu" tool you can use for that
[19:59] <happyaron> nice to know, what's that?
[20:00] <happyaron> got it.
[20:00] <tumbleweed> ok, I think we should wrap this up and take it to a vote
[20:01] <tumbleweed> I'm suggesting we create an input-methods packagset, which we can describe as
[20:01] <tumbleweed> packages maintained by the pkg-ime team in Debian, and im-config
[20:01] <tumbleweed> it's a bit of an odd description, but it covers the packages you are asking for. objections?
[20:02] <stgraber> (note that the DMB won't keep it in sync, instead we expect to be contacted when something is added to pkg-ime)
[20:02] <happyaron> stgraber: I see, I'll contact DMB when needed.
[20:02] <tumbleweed> that can be done by e-mail
[20:02] <tumbleweed> ok
[20:03] <tumbleweed> #vote Grant Aron Xu upload rights to a input-methods packagset (pkg-ime packages and im-config)
[20:03] <meetingology> Please vote on: Grant Aron Xu upload rights to a input-methods packagset (pkg-ime packages and im-config)
[20:03] <meetingology> Public votes can be registered by saying +1, +0 or -1 in channel, (private votes don't work yet, but when they do it will be by messaging the channel followed by +1/-1/+0 to me)
[20:04] <stgraber> +1 [glad to see someone stepping up to maintain those often forgotten yet important packages]
[20:04] <meetingology> +1 [glad to see someone stepping up to maintain those often forgotten yet important packages] received from stgraber
[20:04] <barry> +1
[20:04] <meetingology> +1 received from barry
[20:04] <tumbleweed> +1 [ actively involved in these packages upstream and Debian. I'm confident they'll be well looked after in Ubuntu ]
[20:04] <meetingology> +1 [ actively involved in these packages upstream and Debian. I'm confident they'll be well looked after in Ubuntu ] received from tumbleweed
[20:04] <bdrung> +1 (good to have someone maintaining the package who uses it)
[20:04] <meetingology> +1 (good to have someone maintaining the package who uses it) received from bdrung
[20:04] <micahg> +1 good packaging history in Debian and Ubuntu
[20:04] <meetingology> +1 good packaging history in Debian and Ubuntu received from micahg
[20:05] <tumbleweed> #endvote
[20:05] <meetingology> Voting ended on: Grant Aron Xu upload rights to a input-methods packagset (pkg-ime packages and im-config)
[20:05] <meetingology> Votes for:5 Votes against:0 Abstentions:0
[20:05] <meetingology> Motion carried
[20:05] <stgraber> tumbleweed: I
[20:05] <stgraber> 'll create the package set
[20:05] <tumbleweed> stgraber: thanks
[20:05] <happyaron> thanks all, :)
[20:05] <tumbleweed> happyaron: congratulations :)
[20:06] <stgraber> and I'll also take care of the team, that way it'll be setup the way I like it ;)
[20:06] <micahg> happyaron: congratulations
[20:06] <tumbleweed> hah
[20:06] <bdrung> happyaron: congrats and welcome.
[20:06] <happyaron> :)
[20:06] <stgraber> happyaron: congrats
[20:06] <tumbleweed> #topic Any other business?
[20:07] <tumbleweed> next chair?
[20:07] <stgraber> happyaron: I'm a tiny bit busy at the moment but I should have all of the admin stuff sorted by this time tomorrow. If you need to upload something before that, ping me and I'll sponsor.
[20:08] <tumbleweed> bdrung, with Laney as backup, I think
[20:08] <bdrung> so soon again?
[20:08] <tumbleweed> I last chaired two meetings ago...
[20:08] <happyaron> stgraber: thank you, I think I won't need that in several days, I'll need work on new versions of IBus and Fcitx this week(end) before uploading.
[20:09] <happyaron> excuse me that I must leave now, it's already 04:08AM in Beijing and I'm missing my bed...
[20:09] <tumbleweed> yup, I think we're done here
[20:09] <tumbleweed> #endmeeting
[20:09] <meetingology> Meeting ended Mon Jan 28 20:09:32 2013 UTC.
[20:09] <meetingology> Minutes (wiki):        http://ubottu.com/meetingology/logs/ubuntu-meeting/2013/ubuntu-meeting.2013-01-28-19.07.moin.txt
[20:09] <meetingology> Minutes (html):        http://ubottu.com/meetingology/logs/ubuntu-meeting/2013/ubuntu-meeting.2013-01-28-19.07.html
[20:09] <tumbleweed> thanks everyone
[20:09] <barry> thanks tumbleweed !
[20:09] <stgraber> thanks!
[20:09] <stgraber> happyaron: good night :)
[20:10] <happyaron> thanks, and good day/night, :)