=== Davos is now known as ecifo === Guest33721 is now known as benonsoftware === benonsoftware is now known as Guest48867 === Guest48867 is now known as benonsoftware === kickinz1|afk is now known as kickinz1 === kickinz1 is now known as kickinz1|afk === kickinz1|afk is now known as kickinz1 === kickinz1 is now known as kickinz1|afk === kickinz1|afk is now known as kickinz1 === chrisccoulson_ is now known as chrisccoulson [16:36] hello [16:36] \o [16:36] o/ [16:36] \o [16:36] * sbeattie aves [16:36] waves, even [16:36] #startmeeting [16:36] Meeting started Mon Feb 23 16:36:48 2015 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. [16:36] Available commands: action commands idea info link nick [16:36] The meeting agenda can be found at: [16:36] [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting [16:37] [TOPIC] Announcements === meetingology changed the topic of #ubuntu-meeting to: Announcements [16:37] Chris Pollock provided a debdiff for lucid for ClamAV (LP: #1420819). Your work is very much appreciated and will keep Ubuntu users secure. Great job! Smile :) [16:37] Launchpad bug 1420819 in clamav (Ubuntu) "ClamAV 0.98.6 security update for Lucid" [Medium,Fix released] https://launchpad.net/bugs/1420819 [16:37] [TOPIC] Weekly stand-up report === meetingology changed the topic of #ubuntu-meeting to: Weekly stand-up report [16:37] jdstrand: you're up [16:38] hi! [16:39] I plan on focusing on snappy this week. specifically, hw access [16:39] I need to also update the SnappyConfinement spec since it is out of date [16:39] tyhicks: we need to discuss overlayfs with slangasek sometime soon [16:40] tyhicks: we don't have to plan that now, but let's discuss after the meeting [16:40] * tyhicks nods [16:40] I also need to get to some review tools changes [16:41] I'll move on to other bits after that (frameworks, fingerprint, etc) [16:41] I think that's it from me [16:42] thanks [16:42] mdeslaur: your turn [16:43] I'm currently testing the samba updates [16:43] I plan on publishing samba and e2fsprogs updates today [16:44] and some ca-certificates updates with a new bundle in them [16:44] after that, I'm going to work on freetype updates [16:44] that's it for me, sbeattie, you're up [16:44] I'm on cve triage this week, so relearning that. [16:45] :) [16:45] I need to push for sponsorship of apparmor and apparmor-easyprof-ubuntu into vivid, after completing testing of that last week [16:46] I've uploaded gcc-5 packages with pie by default and set as the default compiler to https://launchpad.net/~sbeattie/+archive/ubuntu/gcc-pie-amd64/, and will be testing those. [16:46] (gcc-5 is the planned compiler for vivid+1) [16:46] that's pretty much it for me. [16:46] fantastic, I look forward to fixing the fall out of that in oxide :) [16:47] sbeattie: nice! [16:47] chrisccoulson: it will be awesome, I assure, based on some of the gcc-5 breakage I've seen already. [16:47] sbeattie, I'll just assign all bugs to doko [16:47] hehe [16:47] tyhicks: you're up. [16:48] I will retest and publish ecryptfs-utils security updates after the changes get acked for merging upstream [16:48] I need to review and test an ecryptfs kernel fix from cking (thanks!) [16:49] I need to dig into an ecryptfs data loss issue on btrfs [16:49] I'll propose a v2 of the libapparmor API changes this week [16:50] and I need to review some overlayfs related changes that went into 4.0-rc1 over the weekend [16:51] they look like they might be related to a patch set that jjohansen and I thought may fix some of the issues that we are seeing with overlayfs and apparmor [16:51] that'll feed into the discussion that jdstrand mentioned above [16:51] that's it for me [16:51] jjohansen: you're up [16:52] I need to dig into why the fd inheritance tests are dying on krillin bug 1423810 [16:52] poke someone again to verify the fix for bug 1408833 works for them, so I can push it to the kt. [16:52] Hopefully get a discussion of v2 libapparmor aa_features API in [16:52] bug 1423810 in apparmor (Ubuntu) "[krillin] apparmor fd_inheritance regression test causes kernel to crash" [Undecided,New] https://launchpad.net/bugs/1423810 [16:52] bug 1408833 in AppArmor "broken postinst test for uvtool-libvirt on utopic" [Undecided,Confirmed] https://launchpad.net/bugs/1408833 [16:53] It looks like I might need to possibly poke at some overlayfs changes [16:54] and of course I have apparmor kernel cleanups for upstream to continue working [16:54] on [16:54] I think that is it for me, sarnold you're up [16:54] jjohansen: are you making much progress on the upstreaming work or has there been too many other distractions popping up? [16:55] tyhicks: less progress than I would like, there have been a fair few distractions, but it depends on the week [16:55] ok [16:56] I need to focus on getting a first set of patches together to push this next cycle [16:56] that'd be great [16:56] yeah [16:56] especially now that AA mediation landed in upstream D-Bus [16:56] folks will want to start using that soon :) [16:56] go ahead, sarnold [16:57] oh yes, and a big congratulations to tyhicks on pushing that through [16:57] +1 [16:57] I'm on community this week; I'm working on several MIRs for the server team, horizon security update, and talking with ibm about the ppc64-diag mir review from a few weeks ago [16:57] tyhicks: hehe, yes, congratulations :) [16:57] thanks! :) [16:58] I might get an apparmor patch or two reviewed in the meantime for some variety, but I'm not likely to make it through an entire patch series. [16:58] that's it for me, chrisccoulson? [16:58] I should be back to a normal working routine this week [16:58] I've got Firefox + Thunderbird updates to do [16:59] And other than that, I'll be working on embargoed stuff [16:59] that's me done [17:01] [TOPIC] Highlighted packages === meetingology changed the topic of #ubuntu-meeting to: Highlighted packages [17:01] The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. [17:01] See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. [17:01] http://people.canonical.com/~ubuntu-security/cve/pkg/ckeditor.html [17:01] http://people.canonical.com/~ubuntu-security/cve/pkg/obby.html [17:01] http://people.canonical.com/~ubuntu-security/cve/pkg/zookeeper.html [17:02] http://people.canonical.com/~ubuntu-security/cve/pkg/davfs2.html [17:02] http://people.canonical.com/~ubuntu-security/cve/pkg/gambas3.html [17:02] [TOPIC] Miscellaneous and Questions === meetingology changed the topic of #ubuntu-meeting to: Miscellaneous and Questions [17:02] Does anyone have any other questions or items to discuss? [17:04] jdstrand, mdeslaur, sbeattie, jjohansen, chrisccoulson: Thanks! [17:04] #endmeeting === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology [17:04] Meeting ended Mon Feb 23 17:04:16 2015 UTC. [17:04] Minutes: http://ubottu.com/meetingology/logs/ubuntu-meeting/2015/ubuntu-meeting.2015-02-23-16.36.moin.txt [17:04] tych0: thanks! [17:04] thanks tyhicks [17:04] err, tyhicks: thanks! [17:04] thanks tyhicks! [17:04] :) [17:07] thanks tyhicks! === kickinz1 is now known as kickinz1|afk === kickinz1|afk is now known as kickinz1 === kickinz1 is now known as kickinz1|afk