=== doko__ is now known as doko === Pici` is now known as Guest51728 === Guest51728 is now known as pici === pici is now known as Pici [16:44] hi! [16:44] hello! [16:45] #startmeeting [16:45] Meeting started Mon Apr 6 16:45:07 2015 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. [16:45] Available commands: action commands idea info link nick [16:45] * sbeattie o/ [16:45] The meeting agenda can be found at: [16:45] [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting [16:45] [TOPIC] Announcements === meetingology changed the topic of #ubuntu-meeting to: Announcements [16:46] Thanks to Johan Van de Wauw (johanvdw) for security updates (14.04 through Vivid) for the community supported postgis (LP: #1438875) package last week. Your work is very much appreciated and will keep Ubuntu users secure. Great job! :) [16:46] Launchpad bug 1438875 in postgis (Ubuntu Vivid) "Database crash with invalid geoJSON input" [Medium,Fix released] https://launchpad.net/bugs/1438875 [16:46] [TOPIC] Weekly stand-up report === meetingology changed the topic of #ubuntu-meeting to: Weekly stand-up report [16:46] jdstrand: you're up [16:46] like last week, this week is snappy focused [16:47] the security yaml bits landed last week for both apparmor and snappy and now I am writing review tools tests for that [16:48] the framework policy bits landed last week for apparmor and is in review now for snappy. I wrote the review tools tests for that last week [16:48] after I finish the security yaml review tools tests, I'm going to proceed to the hashes.yaml review tools tests [16:49] I started the seccomp policy bits last week and will pick that up this week [16:49] that's it from me [16:49] * sbeattie is up [16:49] I'm on community this week. [16:50] I have some more apparmor patches to review as well as trying to tie things up so we can do a trusty SRU with the python tools based on a 2.9.2 release [16:50] And gcc-pie testing is still on my plate. [16:50] perfect [16:51] that's the priorities for my week. tyhicks, you're up. [16:51] we need to get that trusty SRU out the door very soon [16:51] yeah [16:51] it is good to hear that we're getting close :) [16:52] I'm on bug triage this week [16:52] Vivid systemd/sbuild/schroot/kernel bugs (LP: #1427264) (LP: #1438942) (LP: #1439849) [16:52] Launchpad bug 1427264 in click (Ubuntu) "using ecryptfs, creating frameworks fail to bind mount issues" [High,Triaged] https://launchpad.net/bugs/1427264 [16:52] Launchpad bug 1438942 in schroot (Ubuntu) "Host's /dev/shm is mounted over when entering 14.10 and older sbuild schroots" [High,Confirmed] https://launchpad.net/bugs/1438942 [16:52] Launchpad bug 1439849 in linux (Ubuntu) "BUG: unable to handle kernel NULL pointer dereference at 0000000000000010" [High,In progress] https://launchpad.net/bugs/1439849 [16:52] Restart work on AppArmor kernel keyring mediation for user data encryption [16:52] Finish up the patches to fix bug #1430532 and send them out for review [16:52] bug 1430532 in AppArmor "libapparmor needs a public function to break a context into a label and mode" [Medium,In progress] https://launchpad.net/bugs/1430532 [16:53] and either sarnold or myself need to get to the python-cryptography MIR (LP: #1430082) [16:53] Launchpad bug 1430082 in python-cryptography (Ubuntu) "[MIR] python-cryptography, python-cffi, pycparser, enum34" [High,New] https://launchpad.net/bugs/1430082 [16:53] that's it for me [16:53] sarnold: you're up [16:53] I'm on cve triage this week [16:54] I finally feel like I'm getting the hang of the serverstack environment for openstack testing, too, which is nice; some things can be done via yaml and some things probably just need to be done via juju ssh --all [16:55] of course I still don't know why installing some new python glance libraries prevents new glance image uploads; the changes involved are about validating certificates, so perhaps it's supposed to fail now.. [16:56] and since test runs there take either ten minutes or an hour and ten minutes, there'll be some time for small tasks, perhaps a MIR or apparmor patch review [16:56] that's it for me, tyhicks? [16:56] sarnold: how about bumping the version of the current in-archive glance, without making any other changes, and seeing if glance image uploads work then? [16:58] we can continue the conversation offline [16:58] [TOPIC] Highlighted packages === meetingology changed the topic of #ubuntu-meeting to: Highlighted packages [16:59] The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. [16:59] See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. [16:59] http://people.canonical.com/~ubuntu-security/cve/pkg/lib3ds.html [16:59] http://people.canonical.com/~ubuntu-security/cve/pkg/libextlib-ruby.html [16:59] http://people.canonical.com/~ubuntu-security/cve/pkg/openarena.html [16:59] http://people.canonical.com/~ubuntu-security/cve/pkg/xmonad-contrib.html [16:59] http://people.canonical.com/~ubuntu-security/cve/pkg/lemonldap-ng.html [16:59] [TOPIC] Miscellaneous and Questions === meetingology changed the topic of #ubuntu-meeting to: Miscellaneous and Questions [16:59] Does anyone have any other questions or items to discuss? [17:00] jdstrand, sbeattie, sarnold: Thanks! [17:00] #endmeeting === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology [17:00] Meeting ended Mon Apr 6 17:00:35 2015 UTC. [17:00] Minutes: http://ubottu.com/meetingology/logs/ubuntu-meeting/2015/ubuntu-meeting.2015-04-06-16.45.moin.txt [17:00] tyhicks: thanks! [17:01] thanks tyhicks! [17:02] thanks tyhicks! :)