[04:29]  * jose jose
[17:07] <jdstrand> hi!
[17:07] <tyhicks> hello
[17:07] <mdeslaur> \o
[17:08] <jdstrand> #startmeeting
[17:08] <meetingology> Meeting started Mon Sep 16 17:08:07 2013 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
[17:08] <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired
[17:08] <jdstrand> The meeting agenda can be found at:
[17:08] <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
[17:08] <jdstrand> [TOPIC] Weekly stand-up report
[17:08] <jdstrand> I'll go first
[17:08] <jdstrand> I'm on triage this week
[17:09] <jdstrand> I've got planning to do related to getting something together 14.04 and until release, but for the most part, stuff that is hitting saucy is not feature work at this point
[17:09] <jdstrand> so I've put that on the backburner for the moment
[17:10] <jdstrand> (ie, we are finishing up things we've started and fixing bugs in 13.10-- but I know we are already starting some 14.04 stuff, which is fine)
[17:10] <jdstrand> (and by 14.04, I mean 13.10 stuff that was postponed :)
[17:10] <jdstrand> ok
[17:10] <jdstrand> I've been working a lot on trying to get all our policy in order
[17:11] <sbeattie> jdstrand: thanks for that
[17:11] <jdstrand> and its coming along, but has been difficult in spots because the APIs haven't all landed in their full form yet
[17:11] <jdstrand> sbeattie: np
[17:11] <jdstrand> sbeattie: thanks for being flexible in what you're working on :)
[17:12] <sbeattie> heh, sure.
[17:12] <jdstrand> I'm also following up with various teams to get bugs fixed and policy workarounds removed
[17:12] <jdstrand> (eg, all the bugs surrounding non-app-specific paths)
[17:13] <jdstrand> also working with appstore reviews and how to automate them where we can
[17:13] <jdstrand> and discussing webapps confinement a bit
[17:13] <jdstrand> all that will continue this week and I hope to check of related work items
[17:14] <jdstrand> I also have MIR reviews that I am working on
[17:14] <jdstrand> and will pick up an update if I can
[17:14] <jdstrand> I think that's it for me
[17:14] <jdstrand> mdeslaur: you're up
[17:14] <mdeslaur> I'm on community this week
[17:14] <mdeslaur> and am working on a bunch of embargoed issues
[17:14] <mdeslaur> hopefully they'll all get published this week
[17:14] <mdeslaur> that's it from me
[17:14] <mdeslaur> sbeattie: you're up
[17:15] <sbeattie> I'm on apparmor this week
[17:15] <sbeattie> I'm again working on testing stuff, particularly IPC, in support of the development work jjohansen is doing.
[17:16] <sbeattie> I've also been picking up other odds and ends on the apparmor front
[17:16] <sbeattie> Oh, I'm trying to fix the daily build ppa breakage (my fault, mostly)
[17:16] <sbeattie> that's pretty much it for me. tyhicks?
[17:16] <tyhicks> I'm working on an embargoed issue
[17:17] <tyhicks> I need to help jjohansen prep for the AppArmor sessions at LSS (Linux Security Summit)
[17:17] <tyhicks> I'll be attending Plumbers (and probably some of LSS) this week
[17:17] <tyhicks> I also need to scrape through the apparmor list and get patches committed
[17:17] <tyhicks> (mainly the C++ patches that have been acked)
[17:18] <tyhicks> that's it for me
[17:18] <tyhicks> jjohansen: you're up
[17:19] <jjohansen> I am prepping for and attending Linux Security Summit (LSS) this week. We have 2 presentations and a status update around apparmor and the security work for ubuntu touch
[17:21] <jdstrand> nice
[17:21] <jjohansen> I will also try to get up a test kernel for some of the ipc and stacking but that will depend on how the prep goes
[17:22] <jjohansen> that's it for me sarnold your up
[17:23] <sarnold> I'm in my happy place this week; this week and next week are short weeks, friday and monday off. I'm doing mostly MIR audits, only Mir, unity-system-compositor, gunicorn, and open-vm-tools remain :) but only two, maybe three, likely this week.
[17:24] <sarnold> sorry I've been neglecting the apparmor patches, if there's anything that's not yet received a review from someone else, you guys can ping me on it specific and I'll give it a look
[17:24] <sarnold> but "all 78 mails" would be a while :) hehe
[17:25] <sarnold> chrisccoulson: your turn
[17:25] <chrisccoulson> i had a short week last week, and it feels like it's been ages since my last meeting ;)
[17:25]  * jjohansen notes to do a push just for sarnold
[17:26] <chrisccoulson> i got flash updated last week. this week, it's firefox and thunderbird (and a big one for thunderbird, 17 -> 24)
[17:26] <jdstrand> chrisccoulson: welcome! :)
[17:26] <chrisccoulson> hi :)
[17:26] <chrisccoulson> i worked on automated testing for oxide. will hopefully finish that this week
[17:27] <chrisccoulson> i think that's me done
[17:27] <jdstrand> chrisccoulson: sorry if I'm dense-- you've been working on and planning to work on oxide automated testing/
[17:27] <jdstrand> ?
[17:28]  * jdstrand couldn't fully parse chrisccoulson's stand-up
[17:29] <chrisccoulson> jdstrand, i've been working on adding automated tests since last week
[17:30] <jdstrand> chrisccoulson: ok, for some reason that is not listed on https://blueprints.launchpad.net/ubuntu/+spec/client-1308-oxide. can you add a work item for that and mark it INPROGRESS?
[17:32] <chrisccoulson> jdstrand, ah, sure. in future, all features will come with tests. the work i'm doing now is adding tests retrospectively, as it depended on adding support for exchanging messages with content scripts, which was quite a bit of work :)
[17:32] <jdstrand> yeah, I bet
[17:32] <jdstrand> chrisccoulson: cool, thanks for that :)
[17:32] <jdstrand> [TOPIC] Highlighted packages
[17:32] <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
[17:32] <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
[17:32] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/xymon.html
[17:33] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/libsdp.html
[17:33] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/kronolith2.html
[17:33] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/citadel.html
[17:33] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/xml-light.html
[17:33] <jdstrand> [TOPIC] Miscellaneous and Questions
[17:34] <jdstrand> mdeslaur: so, the only thing I was going to ask about was seeing if sarnold could help out with updates, but with his short week and the number of audits, that seems like 'no'
[17:34] <mdeslaur> jdstrand: yeah, that's fine...the mirs are more pressing for now
[17:34] <jdstrand> well, soon there will be help
[17:35] <jdstrand> it is hard to beleive that 13.10 will be released in like 5 weeks
[17:35] <jdstrand> mdeslaur, sbeattie, tyhicks, jjohansen, sarnold, ChrisCoulson: thanks
[17:35] <jdstrand> #endmeeting
[17:35] <meetingology> Meeting ended Mon Sep 16 17:35:46 2013 UTC.
[17:35] <meetingology> Minutes (wiki):        http://ubottu.com/meetingology/logs/ubuntu-meeting/2013/ubuntu-meeting.2013-09-16-17.08.moin.txt
[17:35] <meetingology> Minutes (html):        http://ubottu.com/meetingology/logs/ubuntu-meeting/2013/ubuntu-meeting.2013-09-16-17.08.html
[17:35] <mdeslaur> thanks jdstrand!
[17:35] <jjohansen> thanks jdstrand
[17:36] <sbeattie> jdstrand: thanks!
[17:36] <sarnold> yeah, five weeks seems terrifyingly close
[17:36] <sarnold> I installed the phone for the first time over the weekend and while I was stunned at how much has been done, it still feels like there's a lot left to finish up..
[17:37] <jdstrand> sarnold: there are a number of bugs that are quite annoying/highly visible, but they are known
[17:38] <jdstrand> but all the teams are working on their parts to finish what they started and fix bugs/polish
[17:38] <jdstrand> things are postponed, etc. plans are made to land stuff. we'll get there
[17:38] <sarnold> it looks to be an exciting five weeks :)
[20:00] <cjwatson> Anyone else here for the TB meeting?
[20:00] <stgraber> I am
[20:00] <cjwatson> kees,soren: ?
[20:03] <stgraber> looks like we've got an empty agenda anyway and only thing on the ML is a provisional MRE for kde-telepathy (which can be handled there), so if nobody else shows up in the next 5min or so, I guess we can just ship that one
[20:10] <kees> here now
[20:10] <stgraber> hey kees
[20:13] <cjwatson> So, quorate, but do we have anything to discuss? :)
[20:13] <cjwatson> https://lists.ubuntu.com/archives/technical-board/2013-September/001714.html is the MRE in question
[20:14] <kees> re-reading now
[20:14] <cjwatson> I'm inclined to look favourably on that since it only affects KDE and they already have an established updates policy for other things
[20:14] <stgraber> I'm +1 on that one
[20:14] <kees> yeah, me too. +1
[20:14] <stgraber> it's a provisional SRU for a single version, affects a single flavour and I believe KDE has a good track record so far
[20:15] <cjwatson> so, less verbosely, +1
[20:15] <cjwatson> sold
[20:16] <kees> ship it :)
[20:22] <cjwatson> anything else for today?
[20:22] <stgraber> nothing else here
[20:22] <cjwatson> I haven't seen any reply from Mark on elections
[20:22] <cjwatson> But pitti isn't here to ask
[20:23] <cjwatson> And I think Mark was on holiday for a while anyway
[20:24] <stgraber> I'll poke pitti at Plumbers if I can remember
[20:27] <kees> cool.
[20:28] <stgraber> kees: are you coming this year?
[20:36] <kees> stgraber: yup, flying in tomorrow.
[20:38] <stgraber> cool, see you there then