=== freeflying is now known as freeflying_away
=== freeflying_away is now known as freeflying
=== Ursinha-afk is now known as Ursinha
=== freeflying is now known as freeflying_away
=== doko_ is now known as doko
=== freeflying_away is now known as freeflying
=== freeflying is now known as freeflying_away
=== LjL^ is now known as LjL
=== freeflying_away is now known as freeflying
=== adam_g_afk is now known as adam_g
=== freeflying is now known as freeflying_away
=== freeflying_away is now known as freeflying
[16:44] <mdeslaur> \o
[16:44] <tyhicks> hello
[16:44] <jjohansen> o/
[16:44] <jdstrand> hi!
[16:45] <jdstrand> #startmeeting
[16:45] <meetingology> Meeting started Mon Nov 25 16:45:24 2013 UTC.  The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
[16:45] <meetingology> Available commands: #accept #accepted #action #agree #agreed #chair #commands #endmeeting #endvote #halp #help #idea #info #link #lurk #meetingname #meetingtopic #nick #progress #rejected #replay #restrictlogs #save #startmeeting #subtopic #topic #unchair #undo #unlurk #vote #voters #votesrequired
[16:45] <jdstrand> The meeting agenda can be found at:
[16:45] <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
[16:45] <jdstrand> [TOPIC] Announcements
=== meetingology changed the topic of #ubuntu-meeting to: Announcements
[16:45] <jdstrand> Thanks to Thomas Ward (teward) provided debdiffs for precise-saucy for nginx (LP: #1253691)
[16:45] <ubottu> Launchpad bug 1253691 in nginx (Ubuntu Trusty) "Specially crafted request URI permits security restriction bypass [CVE-2013-4547]" [High,Fix released] https://launchpad.net/bugs/1253691
[16:45] <jdstrand> Your work is very much appreciated and will keep Ubuntu users secure. Great job! :)
[16:45] <jdstrand> [TOPIC] Weekly stand-up report
=== meetingology changed the topic of #ubuntu-meeting to: Weekly stand-up report
[16:45] <jdstrand> I'll go first
[16:46] <jdstrand> I have a very short week this week. I am working today and tomorrow
[16:46] <jdstrand> I'm on triage
[16:46] <jdstrand> I'm working on an update for keystone which should go out today
[16:46] <mdeslaur> jdstrand: I'll take over triage for the rest of the week
[16:46] <jdstrand> mdeslaur: thanks :)
[16:47] <jdstrand> and I need to get the work items in shape for this cycle. I figure I'll work with you guys on that when I have something to review
[16:47] <jdstrand> mdeslaur: you're up
[16:47] <mdeslaur> I'm on community this week
[16:47] <mdeslaur> I have some jpeg updates to write some test scripts for
[16:47] <mdeslaur> and am working on merging ruby and uploading some packages in an attempt to get ruby1.8 demoted from main
[16:48] <mdeslaur> since we now have three rubys in main, and I don't want that for a 5-year supported lts
[16:48] <jdstrand> what's the story with puppet there?
[16:48] <jdstrand> (and yes, great idea)
[16:48] <mdeslaur> hrm, good question
[16:49] <jdstrand> well, worht looking at. I don't mean to derail the meeting
[16:49] <mdeslaur> looks like it's using whatever ruby is default instead of 1.8
[16:49] <mdeslaur> so 1.9.1 presumably
[16:49] <mdeslaur> it didn't show up on my list of reverse depends
[16:49] <jdstrand> cool
[16:50] <jdstrand> ah, perfect
[16:50] <mdeslaur> pending that, I'll be going down the cve list, as usual
[16:50] <mdeslaur> that's it from me
[16:50] <mdeslaur> sbeattie: you're up
[16:50] <mdeslaur> (if you're here...)
[16:50] <jdstrand> that was the only thing I could think of otoh that might be weird. glad it isn't an issue at all :)
[16:50] <sbeattie> I'm on apparmor again this week
[16:50] <sbeattie> I'll be working on testing improvements as well as some parser fixes/improvements
[16:51] <sbeattie> Which is pretty much it for me.
[16:51] <jdstrand> is that for IPC?
[16:51] <sbeattie> the testing stuff, yes. The parser bits, no.
[16:52] <sbeattie> tyhicks: I think you're up.
[16:52] <tyhicks> I have a very short week this week
[16:52] <tyhicks> I'm only working today
[16:52] <tyhicks> Right now, I'm looking into some apparmor_parser oddness
[16:52] <tyhicks> It segfaults if I change AA_DBUS_EAVESDROP from (1 << 5) to (1 << 7)
[16:52] <tyhicks> That shouldn't happen and makes me think there's a bigger bug lurking somewhere
[16:52] <tyhicks> I'll spend a little more time on that
[16:52] <tyhicks> Then I'm going to switch to the yama on touch work items
[16:52] <tyhicks> (I haven't been able to start on them yet)
[16:52] <jdstrand> tyhicks: I didn't think having a week shorter than mine was possible :)
[16:52] <tyhicks> jdstrand: beat ya :)
[16:53] <tyhicks> that's it for me
[16:53] <mdeslaur> bunch of slackers :)
[16:53] <tyhicks> jjohansen: you're up
[16:53] <sbeattie> tyhicks: oh hrm, is that with the patch set you submitted?
[16:53] <tyhicks> sbeattie: yep
[16:53]  * jjohansen is working on apparmor ipc again this week.
[16:54] <jjohansen> I need to coordinate with sbeattie on some testing and see if I can't get him a new kernel
[16:54] <sbeattie> +1
[16:55] <jdstrand> jjohansen(, sbeattie): can you give a brief update on IPC (eg, are we still on track for ppa this month, archive, next, etc)?
[16:56] <jjohansen> jdstrand: we are running behind, since this week is the last week of the month. PPA this month might not happen, if not this week though hopefully next
[16:57] <jdstrand> jjohansen: ok, well, please don't feel like you have to work through the holiday
[16:57] <jjohansen> who me?
[16:57] <jjohansen> never
[16:58] <jjohansen> :)
[16:58] <jdstrand> jjohansen: was there anything on goldfish?
[16:58] <jdstrand> s/thing/ update/
[16:58] <jjohansen> oh, I suppose I need to send the patch to the kernel team today, and make sure, the apparmor=0 work around is reverted once the kernel rolls out
[16:59] <jdstrand> ah, so you found the problem? what was it?
[16:59] <jjohansen> it was that patch from last week, the #ifdef SMP
[16:59] <jjohansen> one
[16:59] <jdstrand> oh, interesting. I thought that was something else
[16:59] <jdstrand> cool
[17:00] <jdstrand> (that but number was old iirc)
[17:00] <jdstrand> anyhoo, nice! :)
[17:00] <jjohansen> jdstrand: well there was a bug against the saucy kernel from some guy doing self compiled kernels
[17:01] <jjohansen> that was the old bug number, same bug really
[17:01] <jjohansen> sarnold: your up
[17:03] <sarnold> I'm in the happy place this week, also a short week, off thursday and friday; I have a merge of libgcrypt11 to work on, a new MIR audit, and -maybe- ask for a CVE for an already-known issue I discovered while working on a MIR audit last week
[17:03] <sarnold> it'd be wonderful to make some further dents in the apparmor patches that are still unreviewed, I know there's several of them left..
[17:04] <sarnold> I think that's it for me, chrisccoulson you're up :)
[17:04] <chrisccoulson> yoyo
[17:04] <chrisccoulson> the oxide packaging is almost done now. just waiting on https://code.launchpad.net/~osomon/oxide/initial-build-fixes/+merge/195076, which is basically the last blocker
[17:05] <chrisccoulson> i should have it in a PPA after that :)
[17:05] <chrisccoulson> this week, i'm focusing on getting bug 1214049 finished
[17:05] <ubottu> bug 1214049 in Oxide "Support accelerated compositing" [High,In progress] https://launchpad.net/bugs/1214049
[17:06] <mdeslaur> \o/
[17:06] <sarnold> wow :)
[17:06] <chrisccoulson> oSoMoN has been contributing some fixes as well now
[17:06] <sarnold> \o/ :D
[17:06] <chrisccoulson> so we got http://bazaar.launchpad.net/~oxide-developers/oxide/oxide.trunk/revision/257 and http://bazaar.launchpad.net/~oxide-developers/oxide/oxide.trunk/revision/256 last week
[17:07] <chrisccoulson> i think that's me done
[17:08] <jdstrand> chrisccoulson: nice! :)
[17:08] <chrisccoulson> oh, i had the joy of learning how to use bzrlib last week too
[17:08] <chrisccoulson> that wasn't fun ;)
[17:09] <jdstrand> :)
[17:09] <jdstrand> [TOPIC] Highlighted packages
=== meetingology changed the topic of #ubuntu-meeting to: Highlighted packages
[17:09] <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
[17:09] <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
[17:09] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/network-manager-openvpn.html
[17:09] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/turba2.html
[17:09] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/smsclient.html
[17:09] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/djbdns.html
[17:09] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/feh.html
[17:10] <jdstrand> [TOPIC] Miscellaneous and Questions
=== meetingology changed the topic of #ubuntu-meeting to: Miscellaneous and Questions
[17:10] <jdstrand> Does anyone have any other questions or items to discuss?
[17:10] <sarnold> djbdns? o_O I'm shocked :)
[17:11] <jdstrand> the CVEs are old. possibly needs more triage
[17:12] <sbeattie> well, the package version we ship hasn't changed since precise, either.
[17:15] <jdstrand> mdeslaur, sbeattie, tyhicks, jjohansen, sarnold, ChrisCoulson: thanks!
[17:15] <sarnold> thanks jdstrand :)
[17:15] <jdstrand> #endmeeting
[17:15] <jjohansen> thanks jdstrand
=== meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology
[17:15] <meetingology> Meeting ended Mon Nov 25 17:15:24 2013 UTC.
[17:15] <meetingology> Minutes (wiki):        http://ubottu.com/meetingology/logs/ubuntu-meeting/2013/ubuntu-meeting.2013-11-25-16.45.moin.txt
[17:15] <meetingology> Minutes (html):        http://ubottu.com/meetingology/logs/ubuntu-meeting/2013/ubuntu-meeting.2013-11-25-16.45.html
[17:15] <tyhicks> thanks!
[17:15] <sbeattie> jdstrand: thanks!
=== gaughen is now known as gaughen_
=== gaughen_ is now known as gaughen
[20:55] <kees> time for ubuntu tech board meeting! oh wait... no tech board.
[20:56] <mdeslaur> heh
[21:00] <genii> Hm.
[21:02] <stgraber> haha, yeah, my phone is still telling me I
[21:02] <stgraber> *I'm supposed to have a meeting
=== freeflying is now known as freeflying_away