[16:30] <mdeslaur> \o
[16:30] <jdstrand> hi!
[16:30] <tyhicks> #startmeeting
[16:30] <meetingology> Meeting started Mon Feb  9 16:30:15 2015 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
[16:30] <meetingology> Available commands: action commands idea info link nick
[16:30] <tyhicks> The meeting agenda can be found at:
[16:30] <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
[16:30] <tyhicks> [TOPIC] Announcements
[16:30] <tyhicks> We have created a new role in our rotation schedule. "Triage" has been split into "CVE Triage" and "Bug Triage".
[16:30] <tyhicks> Gianfranco Costamagna (LocutusOfBorg) provided debdiffs for precise-utopic for virtualbox (LP: #1413603)
[16:30] <tyhicks> Otto Kekaelaeinen (otto) provided debdiffs for trusty and utopic for mariadb-5.5 (LP: #1414755)
[16:30] <tyhicks> Thomas Ward (teward) provided a debdiff for utopic for wireshark (LP: #1418211)
[16:31] <tyhicks> Joe Damato (ice799) provided a debdiff for precise for libfcgi (LP: #1418778)
[16:31] <tyhicks> Those four contributions are very much appreciated and will keep Ubuntu users secure. Great job! :)
[16:31] <tyhicks> [TOPIC] Weekly stand-up report
[16:31] <jdstrand> indeed-- lots of contributions. awesome! :)
[16:31] <tyhicks> jdstrand: you're up
[16:31] <tyhicks> yes, great contributions! :)
[16:33] <jdstrand> this week I plan to work on helping define snappy hardware access
[16:33] <jdstrand> and also picking up a bit on snappy fingerprint
[16:33] <jdstrand> I'll also be working on an embargoed issue
[16:34] <jdstrand> mdeslaur: you're up
[16:35] <mdeslaur> I'm working on updates, as usual...ntp is going out today, and I have krb5 to test
[16:35] <mdeslaur> that's it, sbeattie, you're up
[16:35] <sbeattie> I'm jumping back in to the rotation, and am on Community this week.
[16:36] <sbeattie> I'm testing my binutils update (finally!) and will release that today.
[16:36] <sbeattie> After that, I'll jump back on gcc-pie-for-amd64.
[16:37] <sbeattie> That's it for me; tyhicks, you're up.
[16:37] <tyhicks> I'm jumping back in the rotation, as well
[16:37] <tyhicks> I'm in the new bug triage role this week
[16:38] <tyhicks> I need to fix some tools and close out a lot of invalid bug tasks
[16:38] <tyhicks> I've finalized v4 of the dbus-daemon AppArmor mediation patch set and need to finish testing it and then attach the patches to the upstream bug
[16:39] <tyhicks> I still haven't gotten to proposing v2 of the libapparmor API changes but need to do that ASAP
[16:39] <tyhicks> I should be able to start on that this afternoon
[16:40] <tyhicks> the patch update was put on the backburner last week since upstream drastically changed their fix for one of the CVEs
[16:40] <tyhicks> it looks like their tree has settled down and that I should go back to fixing those issues in patch
[16:40] <tyhicks> that's probably all that I'll get to this week
[16:40] <tyhicks> jjohansen: you're up
[16:43] <jjohansen> So it seems I have most of the stack from last week and a few more items as well. There is an apparmor meeting this week, with some discussion needed around the kernel interface context (mode values), the is any v2 libapparmor aa_features API discussion an review that hits, Casey's LSM stacking patch
[16:44] <jjohansen> I still need to work on the second revision of the deleted socket mediation bug
[16:44] <jjohansen> and of course continue with the kernel code cleanup
[16:45] <jjohansen> I think that is it from me, sarnold you're up
[16:47] <sarnold> I'm on CVE triage this week; I'm hoping to return to the horizon update and finally make forward progress there again, as well as get the hang of the serverstack cloud for testing openstack updates. there's also a backlog of MIRs outstanding, I may get to those during testing runs, if the testing runs happen :)
[16:47] <sarnold> that's it for me, looks like no chris, tyhicks?
[16:48] <jdstrand> I think chrisccoulson is here
[16:48] <chrisccoulson> hi :)
[16:48] <jdstrand> hi! :)
[16:49] <chrisccoulson> This week, I'll be getting a new oxide release out and continuing with stuff in https://launchpad.net/oxide/+milestone/branch-1.6
[16:49] <chrisccoulson> And that's about it :)
[16:49] <sarnold> sorry chrisccoulson, not sure how my tab key and I failed :)
[16:51] <tyhicks> [TOPIC] Highlighted packages
[16:51] <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
[16:51] <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
[16:51] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/virtualbox-guest-additions-iso.html
[16:51] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/rc.html
[16:51] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/libfpdi-php.html
[16:51] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/libapache-poi-java.html
[16:51] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/cabextract.html
[16:52] <tyhicks> [TOPIC] Miscellaneous and Questions
[16:52] <tyhicks> Does anyone have any other questions or items to discuss?
[16:54] <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, chrisccoulson: thanks!
[16:54] <tyhicks> #endmeeting
[16:54] <meetingology> Meeting ended Mon Feb  9 16:54:40 2015 UTC.
[16:54] <meetingology> Minutes:        http://ubottu.com/meetingology/logs/ubuntu-meeting/2015/ubuntu-meeting.2015-02-09-16.30.moin.txt
[16:54] <mdeslaur> thanks tyhicks!
[16:54] <jjohansen> thank tyhicks
[16:54] <jdstrand> tyhicks: thanks! :)
[16:54] <sbeattie> tyhicks: thanks!
[16:55] <sarnold> thanks tyhicks!