=== vladk|offline is now known as vladk
=== Adri2000 is now known as Guest58072
=== Guest58072 is now known as Adri2000
=== greyback is now known as greyback|lunch
=== greyback|lunch is now known as greyback
=== doko_ is now known as doko
[17:11] <mdeslaur> \o
[17:11] <jdstrand> hi!
[17:11]  * sbeattie waves
[17:11] <jdstrand> sorry the meeting is starting late
[17:12] <jdstrand> #startmeeting
[17:12] <jdstrand> The meeting agenda can be found at:
[17:12] <jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
[17:12] <jdstrand> [TOPIC] Announcements
[17:12] <jdstrand> Stefan Bader (smb) provided debdiffs for saucy-utopic for xen
[17:12] <jdstrand> Your work is very much appreciated and will keep Ubuntu users secure. Great job!
[17:12] <jdstrand> [TOPIC] Weekly stand-up report
[17:12] <jdstrand> I'll go first
[17:12] <jdstrand> I'm on triage this week
[17:13] <jdstrand> I plan to do apparmor testing of tyhicks packaging of jjohansen's work
[17:13] <jdstrand> I've got a bunch of stuff to do for the click-reviewers-tools (click package audits/checks/etc)
[17:14] <jdstrand> I've been working on that this morning. I figure I've got another day of that and then should be all caught up with all the new click hooks
[17:14] <jdstrand> need to get serious about performance reviews
[17:14] <jdstrand> mdeslaur: you're up
[17:14] <mdeslaur> I'm on community this week
[17:14] <mdeslaur> I'm currently working on an embargoed issue
[17:14] <mdeslaur> and then I have some community libav updates to sponsor
[17:15] <mdeslaur> and I have a bunch of pending security updates to test and release
[17:15] <mdeslaur> that's it for me, sbeattie
[17:15] <sbeattie> I'm focusing on apparmor this week
[17:16] <sbeattie> In particular, focusing on testing jjohansen's stuff
[17:16] <sbeattie> Which is pretty much it for me. tyhicks?
[17:17] <tyhicks> I'm going to start on the 'implement kernel postinst policy compiles' WI and other related WIs
[17:18] <tyhicks> when the abstract socket mediation patches hit the list, I'll switch to preparing the new apparmor upload
[17:18] <tyhicks> that's it for me
[17:18] <tyhicks> sarnold: you're up now (jj is away)
[17:19] <sarnold> I'm in happy place this week; I'm finishing the trust-store MIR today, a few merge requests to review, likely some apparmor patches to review, and blueprint items to continue working on
[17:19] <sarnold> chrisccoulson: you're up
[17:20] <jdstrand> sarnold: can you also review https://code.launchpad.net/~mterry/unity8/dialer-above and...
[17:20] <jdstrand> https://code.launchpad.net/~mterry/ubuntu-system-settings/locking-hash/+merge/224346
[17:21] <jdstrand> sarnold: they are related to all the password setting stuff you've been doing
[17:21] <sarnold> jdstrand: sure :)
[17:21] <jdstrand> thanks
[17:22] <jdstrand> I think mdeslaur was also asked for a review of https://code.launchpad.net/~mterry/unity8/dialer-above/+merge/226476, so you guys can fight over it :)
[17:23] <sarnold> heh, he kicked it to me pretty quickly :)
[17:24] <mdeslaur> jdstrand: I gave all of those to sarnold
[17:24] <jdstrand> cool
[17:25] <jdstrand> ok, chrisccoulson, you're up
[17:25] <mdeslaur> sarnold: those were on your list, right?
[17:26] <sarnold> mdeslaur: dialer-above was, i don't recall the locking-hash url
[17:27] <mdeslaur> sarnold: it says the merge review was requested from you on 2014-06-24, did you not get the email?
[17:27] <sarnold> mdeslaur: yikes, that's a long time ago...
[17:28] <mdeslaur> ah, the merge proposal was updated after your comments
[17:29] <mdeslaur> I guess you can't re-ask for a review
[17:29] <mdeslaur> sarnold: anyway, please add it to your list
[17:31] <jdstrand> chrisccoulson doesn't seem to be available
[17:32] <sarnold> mdeslaur: ahhh, looks like locking-hash was the original pin implementation and then re-used for the PAM merge, right?
[17:32] <mdeslaur> yeah, looks like it
[17:32] <jdstrand> sarnold: are you done?
[17:32]  * jdstrand assumes the rest of this could be handled offline
[17:32] <sarnold> mdeslaur: funny, the first email I can find from launchpad about it was on july 4. o_O
[17:32] <sarnold> jdstrand: yeah
[17:32] <jdstrand> [TOPIC] Highlighted packages
[17:32] <jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
[17:33] <jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
[17:33] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/sanlock.html
[17:33] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/zookeeper.html
[17:33] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/jetty.html
[17:33] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/cxxtools.html
[17:33] <jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/merkaartor.html
[17:33] <jdstrand> [TOPIC] Miscellaneous and Questions
[17:34] <chrisccoulson> oh, sorry, was having dinner :/
[17:35] <mdeslaur> chrisccoulson: ok, your turn
[17:36] <chrisccoulson> this week I'm focused on getting automation for oxide daily builds finished. Also, the chromium update that was meant to happen last week didn't happen (issues with webapps), but that is going to happen this week
[17:36] <chrisccoulson> hopefully tomorrow
[17:36] <chrisccoulson> although, chromium 36 is planned for this week too :)
[17:36] <sarnold> busy week :)
[17:36] <chrisccoulson> the good news is that we'll be able to push oxide on time, at least ;)
[17:38] <chrisccoulson> once I've done the daily build stuff, I'm going to tackle bug 1326070, as we have quite a few hacks building up in the browser that are only there because this feature is missing
[17:38] <ubottu> bug 1326070 in Oxide "Add support for context menus" [High,Triaged] https://launchpad.net/bugs/1326070
[17:38] <chrisccoulson> that's about it, I think
[17:38] <jdstrand> chrisccoulson: thanks, and sorry the meeting was late
[17:38] <chrisccoulson> sure, no worries :)
[17:39] <jdstrand> Does anyone have any other questions or items to discuss?
[17:45] <jdstrand> mdeslaur, sbeattie, tyhicks, jjohansen, sarnold, ChrisCoulson: thanks!
[17:46] <jdstrand> #endmeeting
[17:46] <tyhicks> thanks!
[17:46] <sarnold> thanks jdstrand :)
[17:57] <mdeslaur> thanks jdstrand!
[19:07] <stgraber> !dmb-ping
[19:07] <ubottu> bdrung, ScottK, Laney, micahg, xnox, bdmurray, stgraber: DMB ping
[19:07]  * xnox o/
[19:07] <ScottK> \o
[19:08] <bdmurray> o/
[19:08] <ScottK> Who's chairing?
[19:08] <ScottK> Ah.  micahg.
[19:09] <bluesabre0> o/ hi everyone!
[19:09] <stgraber> yeah, if he shows up...
[19:10] <bdmurray> I thought micahg was supposed to chair the last one. Does the chair stay with him?
[19:11] <stgraber> yes
[19:20] <stgraber> ok, so no micahg, who's next in line then
[19:21] <bdmurray> ScottK is next alphabetically
[19:21] <stgraber> ScottK: did you chair the last one (I know micahg hasn't been around in a while and sort of lost track...)
[19:21]  * ScottK is on a call.Someon else please
[19:21] <stgraber> ok
[19:21] <stgraber> #startmeeting
[19:21] <stgraber> (still no bot...)
[19:22] <stgraber> == Review of previous action items  ==
[19:22] <stgraber> Laney to add Rohan Garg to ~motu (done)
[19:22] <stgraber> == Package Set/Per Package Uploader Applications ==
[19:22] <stgraber> Sean Davis - July 14th
[19:22] <stgraber> https://wiki.ubuntu.com/SeanDavis/DeveloperApplication
[19:22] <stgraber> bluesabre0: around?
[19:23] <bluesabre0> o/
[19:23] <stgraber> can you introduce yourself a bit and tell us why you're applying for upload rights today?
[19:23] <bluesabre0> hi everyone, I'm Sean Davis, the current Xubuntu Technical Lead
[19:24] <bluesabre0> I've been helping with package maintenance for Xubuntu for several cycles now
[19:25] <bluesabre0> We tend to find ourselves bottlenecked for releasing new features and uploading packages, so I would like to apply for upload rights to reduce the workload we send to sponsors
[19:25] <bluesabre0> I've had several packages sponsored while helping with package maintenance, http://ubuntu-dev.alioth.debian.org/cgi-bin/ubuntu-sponsorships.cgi?render=html&sponsoree=Sean+Davis&sponsoree_search=name
[19:26] <bluesabre0> and would like to continue to provide packaging support for the Xubuntu team
[19:26] <bluesabre0> I'm also one of the Xubuntu and Xfce developers, so I handle software releases as well
[19:28] <bluesabre0> Please let me know if you have any questions for me.
[19:29] <stgraber> thanks for the nice introduction!
[19:29] <bluesabre0> :)
[19:29] <xnox> bluesabre0: On menulibre package in Debian, why are you not listed as the Maintainer?
[19:30] <bluesabre0> xnox: Noskcaj handled the initial packaging, I help to co-maintain the package
[19:30] <xnox> bluesabre0: ok.
[19:31] <bluesabre0> co-maintainer: https://qa.debian.org/developer.php?login=smd.seandavis%40gmail.com&comaint=yes
[19:31] <xnox> yeap.
[19:33] <xnox> bluesabre0: image it's 5th of August, as Xubuntu lead what indicators you would use to monitor Xubuntu readiness state for that release?
[19:33] <xnox> s/image/imagine/
[19:34] <bluesabre0> we monitor package and image testing in Xubuntu, and watch for reported bugs against our release
[19:35] <bluesabre0> we also track progress on Launchpad and Trello
[19:35] <bluesabre0> to keep on top of immediate action items
[19:35] <bluesabre0> so if we do not have any blocking issues, or showstoppers, the image should be in an acceptable state for release
[19:36] <xnox> bluesabre0: Sounds good. is Trello public? what's the url? Also where are Xubuntu image testing results (e.g. url) ?
[19:37] <bluesabre0> image testing here: http://iso.qa.ubuntu.com/
[19:38] <bluesabre0> the xubuntu-team trello is currently private to team members
[19:39] <bluesabre0> Trello is something new that the team has been using for this cycle, and has helped with tracking progress towards 14.04.1 and 14.10
[19:39] <xnox> bluesabre0: cool. Fair enough.
[19:41] <ScottK> Why is it private?
[19:42] <bluesabre0> I'm not certain, it was initially prepared by our other team members to trial over this release.
[19:44] <bluesabre0> ok, from our qa lead, it's private since we're still trialing it
[19:47] <ScottK> FOSS projects should work in public unless there's a good reason.
[19:47] <ScottK> Not sure that's a good reason.
[19:49] <stgraber> bluesabre0: are you subscribed to ubuntu-devel-announce?
[19:49] <bluesabre0> We are not using Trello exclusively, all of our current project details, status, and work items are available in their regular locations on Launchpad and the Testing Tracker as well.
[19:50] <bluesabre0> strgraber: I was not previously... subscribing now.
[19:51] <bluesabre0> subscription request sent.
[19:54] <stgraber> bluesabre0: I understand most packages in the set you're applying for are xubuntu-specific, however do you know how to check what other flavour they may impact so that you can talk to them when we're frozen or preparing a milestone?
[19:56] <xnox> bluesabre0: last question from me. Has it happened to you before that you upload a package, yet it hasn't reached e.g. debian unstable, or ubuntu trusty-updates, or stuck in *-proposed pocket? If that happens, where would you look to check the status of said package?
[19:57] <bluesabre0> stgraber: not immediately. I do know that we share a number of packages with ubuntu-studio and lubuntu, and we consult often with them when changing packages or functionality
[19:58] <stgraber> bluesabre0: ok, the answer I was expecting is "seeded-in-ubuntu" which is a tool part of ubuntu-dev-tools which will let you know who else is impacted by a given package
[19:59] <xnox> bluesabre0: please do install that package, and read man-pages / --help of tools there. They are quite nifty.
[19:59] <xnox> =)
[20:00] <bluesabre0> xnox: https://launchpad.net/ubuntu/trusty/+queue The various queues for Ubuntu, for Debian I'm not entirely certain since I've not had any issues
[20:00] <bluesabre0> stgraber, xbox: will check that out, that sounds useful
[20:00] <ScottK> BTW, Kubuntu has been using Trello for several cycles.  Feel free to visit #kubuntu-devel to discuss lessons learned.
[20:00] <bluesabre0> *xnox
[20:00] <bdmurray> bluesabre0: if you haven't seen https://bugs.launchpad.net/ubuntu/trusty/+source/menulibre/+bug/1323405/comments/4 already please have a look at it and let us know if you have any questions about that part of the process.
[20:00] <bluesabre0> (sorry)
[20:00] <ubottu> Ubuntu bug 1323405 in menulibre (Ubuntu Trusty) "[SRU] Please backport menulibre-2.0.4 to trusty" [High,Fix committed]
[20:01] <stgraber> #vote PPU upload rights for bluesabre0 to the Xubuntu set
[20:01] <ScottK> +1
[20:02] <bluesabre0> bdmurray: yes, I was recently informed of that, lessons learned :)
[20:02] <bdmurray> +1
[20:02] <xnox> bluesabre0: alright. =) in addition to raw queues there are also: http://people.canonical.com/~ubuntu-archive/pending-sru.html and https://wiki.ubuntu.com/ProposedMigration - http://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html
[20:02] <xnox> +1
[20:02] <stgraber> +1
[20:02] <stgraber> #endvote
[20:02] <bdmurray> bluesabre0: great, just wanted to make sure
[20:02] <stgraber> bluesabre0: congrats!
[20:02] <bluesabre0> thanks everyone!
[20:02] <stgraber> #topic AOB
[20:03] <stgraber> Chair for next meeting will be micahg, hoping he'll actually be able to attend this time...
[20:03] <stgraber> #endmeeting
[20:03]  * xnox did write zequence endorsement on his wiki page application. Task from last time~ish.