=== vladk|offline is now known as vladk === med_ is now known as 1JTAAEE11 === ogra_ is now known as 1JTAAEF0J === ogra_ is now known as 1JTAAEF3J === vladk is now known as vladk|offline === vladk|offline is now known as vladk === dosaboy_ is now known as disaboy === disaboy is now known as dosaboy === Ursinha-afk is now known as Ursinha [16:34] \o [16:34] \o [16:34] hi! [16:34] o/ [16:34] #startmeeting [16:34] The meeting agenda can be found at: [16:34] Meeting started Mon Jun 9 16:35:13 2014 UTC. The chair is jdstrand. Information about MeetBot at http://wiki.ubuntu.com/meetingology. [16:34] Available commands: action commands idea info link nick [16:34] [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting [16:34] [TOPIC] Announcements === meetingology changed the topic of #ubuntu-meeting to: Announcements [16:35] Felix Geyer (debfx) provided debdiffs for precise-trusty for mod-wsgi (LP: #1322338). Your work is very much appreciated and will keep Ubuntu users secure. Great job! [16:35] Launchpad bug 1322338 in mod-wsgi (Ubuntu Utopic) "CVE 2014-0240 and CVE 2014-0242" [Undecided,Fix released] https://launchpad.net/bugs/1322338 [16:35] [TOPIC] Weekly stand-up report === meetingology changed the topic of #ubuntu-meeting to: Weekly stand-up report [16:35] I'll go first [16:35] short week this week. I am off Wednesday [16:35] I'm on community this week [16:36] I need to send my ofono hardening work to the phonedations team (ie, where only certain applications can communicate to ofono) [16:36] there is a bit more work to do there, but I have it working on my phone, so that is good [16:37] I have been doing phablet kernel testing for jjohansen-- mako looks good so far, still need to do flo and goldfish, but I imagine jjohansen has those tested already [16:37] I am working on several different openstack updates [16:37] and have various sprint outcomes to still go through [16:37] sure I've run those, there are some basic policy updates, but jdstrand has seen those already [16:38] jdstrand: you pulled in the new apparmor package correct? [16:38] jjohansen: yes [16:39] okay good [16:39] we need to get this into utopic so our delta is as small as possible when we update for abstract, but we can talk about that in jjohansen's time [16:39] mdeslaur: you're up [16:39] I'm in the happy place this week [16:40] I have some json-c packages to test, and am currently working on dpkg updates [16:40] also have to do the non-trivial libtasn backports [16:40] tomorrow, I'm doing a Q&A for UDS^H^H^Hwhatever replaces UDS [16:40] oh, I guess there is UOS too [16:40] (jeez, busy week) [16:41] * sbeattie collects rotten tomatoes for that [16:41] and I need to look at an updated apparmor package for U [16:41] jjohansen's packages is missing a couple of the latest commits, which I guess we're going to want [16:41] so I'll remerge from trunk I guess [16:41] and, yeah, attend UOS [16:42] mdeslaur: O_o I pulled that fresh on friday [16:42] not that the debian packaging side doesn't need some fixing :) [16:42] jjohansen: oh, the two missing commits are freom friday [16:43] d'oh [16:43] jjohansen: yeah, I'll take a look and see if everything's good with the packaging [16:43] haha, nice [16:43] that's it from me, sbeattie? [16:44] I'm focusing again on getting pie by default for amd64 in gcc this week [16:44] sbeattie: what's the current status? [16:44] I have a test compiler that bootstraps and does the right for common cases. [16:45] There's a couple of situations that the gcc testsuite where it's not compiling the .o with -fPIE when it needs to, but tries to link with -pie, which fails, so I'm tracking down why that fails. [16:46] I'm in the middle of setting up a ppa with that compiler as the default, to enable wider testing/benchmarking. [16:46] cool [16:46] I have some apparmor patches to review and submit. [16:47] sbeattie: oh, are those good for U too? [16:47] mdeslaur: cboltz's patch is, yes, though I need to dig in to why I can't reproduce his failure in U. [16:47] ok [16:48] I may try to take a swap day off on friday... [16:48] And I'll be attending UOS. [16:48] That's it for me, I think. tyhicks? [16:48] I'm focusing on my kdbus work item this week [16:48] I keep letting myself get distracted by other work, so I'm only going to plan on that one work item [16:49] I'll sync up w/ everyone once it is done for what I should focus on next [16:49] (Some UOS for me this week, as well) [16:49] That's it for me [16:49] jjohansen: you're up [16:50] So I've got UOS to distract me this week, and a couple of bugs to poke at and at least triage [16:50] We have the utopic touch device kernels in testing, and I think ready to be pulled [16:51] so I will send that request out as soon as its dependencies fall into place (maybe this week) [16:51] is anything there waiting on a new userspace? [16:51] This basically falls out as: more testing, policy updates, and the new apparmor userspace in U [16:52] mdeslaur: yep, the kernel won't go until that is updated, reason: userspace fixes a compiler issue that results in policy that causes failures under the new kernel [16:52] hrm [16:52] ok [16:53] guess I'll work on that tomorrow or wed then [16:55] Besides testing/collaborating with jdstrand on the policy updates, I'll be working on the apparmor kernel module [16:55] * mdeslaur still needs to figure out how he got volunteered to do the U update [16:55] to finish up the missing pieces [16:55] mdeslaur: well it was one of those quick mdeslaur isn't paying attention get him to agree while he is distracted [16:55] mdeslaur: we sent you out to collect beer and cheetos while we decided, to help the volunteering process along. [16:56] I'm wondering when we're goign to tell mdeslaur he also volunteered for the T update... [16:56] jjohansen: policy updates should all be in place [16:56] * mdeslaur shakes fist at team [16:56] jdstrand: when will they hit the images? [16:57] they are there [16:57] check that off your list :) [16:57] okay, I'll update and see how it goes, and then check it off the list :P [16:57] I think that is it for me, sarnold your up [16:58] on mako I have no denials except with media-hub, but that is unrelated [16:58] (it also works fine and I've pinged jhodapp about it) [16:58] jdstrand: I expect everything will be fine, I just want to run it through the 4 devices to make sure [16:59] sure [16:59] * jjohansen wants to avoid the whole your new kernel broke, ... mess [17:00] I'm on triage this week; I'm also reading some angry tweets for UOS, investigating click packaging to see how authenticity checks are being performed, and if there's any time left returning to the interminable mod_wsgi fixes for django [17:01] I think that's it for me, chrisccoulson? [17:01] this week, it's mozilla updates for me [17:01] plus one other update [17:02] my other main task is fixing bug 1312082, which I hope to have done this week [17:02] bug 1312082 in Oxide "Stop using deprecated compositing paths" [High,Triaged] https://launchpad.net/bugs/1312082 [17:02] chrisccoulson: so will the new paths be next on the deprecated list, or are they the current ones? :) [17:03] mdeslaur, no, we'll be using the same path as all other platforms :) [17:03] oh cool :) [17:03] i think that's me done [17:05] chrisccoulson: moving away from the deprecated paths is required for the media-hub work to really start, correct? [17:06] jdstrand, there's parts of that which can be started without it [17:06] sure, but this has to be done for it [17:06] chrisccoulson: the others are starting on the parts that can be done now, no? [17:07] jdstrand, yeah, I think so [17:07] * jdstrand saw various bug assignments, etc last week [17:07] cool [17:07] [TOPIC] Highlighted packages === meetingology changed the topic of #ubuntu-meeting to: Highlighted packages [17:07] The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. [17:07] See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. [17:07] http://people.canonical.com/~ubuntu-security/cve/pkg/libapache2-mod-nss.html [17:07] http://people.canonical.com/~ubuntu-security/cve/pkg/dolibarr.html [17:07] http://people.canonical.com/~ubuntu-security/cve/pkg/gnumeric.html [17:07] http://people.canonical.com/~ubuntu-security/cve/pkg/ircd-ratbox.html [17:08] http://people.canonical.com/~ubuntu-security/cve/pkg/ngircd.html [17:08] [TOPIC] Miscellaneous and Questions === meetingology changed the topic of #ubuntu-meeting to: Miscellaneous and Questions [17:08] Does anyone have any other questions or items to discuss? [17:15] mdeslaur, sbeattie, tyhicks, jjohansen, sarnold, ChrisCoulson: thanks! [17:15] #endmeeting === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology [17:15] Meeting ended Mon Jun 9 17:15:37 2014 UTC. [17:15] Minutes: http://ubottu.com/meetingology/logs/ubuntu-meeting/2014/ubuntu-meeting.2014-06-09-16.35.moin.txt [17:15] thanks jdstrand [17:15] jdstrand: thanks! [17:15] thanks jdstrand! [17:16] thanks! [17:22] thanks jdstrand === jono is now known as Guest90711 === vladk is now known as vladk|offline === ogasawara_ is now known as ogasawara