| === wolsen_ is now known as wolsen | ||
| === bladernr_ is now known as bladernr-malta | ||
| mdeslaur | \o | 16:32 |
|---|---|---|
| tyhicks | hello | 16:33 |
| tyhicks | #startmeeting | 16:33 |
| meetingology | Meeting started Mon Apr 27 16:33:24 2015 UTC. The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology. | 16:33 |
| meetingology | Available commands: action commands idea info link nick | 16:33 |
| tyhicks | The meeting agenda can be found at: | 16:33 |
| tyhicks | [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting | 16:33 |
| tyhicks | [TOPIC] Announcements | 16:33 |
| === meetingology changed the topic of #ubuntu-meeting to: Announcements | ||
| tyhicks | Thanks to Rhonda D'Vine (rhonda) for help on security updates for the community supported wesnoth-1.10 last week. Your work is very much appreciated and will keep Ubuntu users secure. Great job! :) | 16:34 |
| tyhicks | (LP: #1445688) | 16:34 |
| ubottu | Launchpad bug 1445688 in wesnoth-1.10 (Ubuntu Utopic) "private file disclosure issue (CVE-2015-0844)" [Undecided,Fix released] https://launchpad.net/bugs/1445688 | 16:34 |
| tyhicks | [TOPIC] Weekly stand-up report | 16:34 |
| === meetingology changed the topic of #ubuntu-meeting to: Weekly stand-up report | ||
| tyhicks | jdstrand is busy atm so we'll skip him for now | 16:35 |
| tyhicks | he can jump in if he frees up | 16:35 |
| tyhicks | mdeslaur: go ahead | 16:35 |
| mdeslaur | I'm on community this week | 16:35 |
| mdeslaur | Im currently sponsoring ffmpeg | 16:35 |
| mdeslaur | tomorrow I have patch piloting duties | 16:35 |
| mdeslaur | I just published a few updates, and I have a couple more to test | 16:35 |
| mdeslaur | and I completely forgot about the openssl precise update that I started, which I'll look into again | 16:36 |
| mdeslaur | that's about it form me, sbeattie? | 16:36 |
| essembe | I'm on bug triage this week | 16:36 |
| mdeslaur | essembe: INTRUDER! | 16:36 |
| tyhicks | who's this guy | 16:36 |
| essembe | oh bah | 16:36 |
| sarnold | he looks shifty | 16:36 |
| === essembe is now known as sbeattie | ||
| sbeattie | I'm on bug triage this week | 16:36 |
| sbeattie | I'm finishing up preparing the trusty apparmor SRU, I just have a couple of snags I hit to smooth out. | 16:37 |
| sbeattie | And then I'll switch to focusing on the gcc-pie work | 16:38 |
| sbeattie | I need to look at tyhicks patchset to support systemd, so we can land that work when W opens | 16:38 |
| sbeattie | that's pretty much it for me. tyhicks? | 16:38 |
| tyhicks | mdeslaur: back to your openssl precise update - is that to enable tlsv1.2 by default for clients? | 16:39 |
| tyhicks | I'm on CVE triage this week | 16:41 |
| tyhicks | I have a short week and will be off Thursday and Friday | 16:41 |
| tyhicks | I need to circle back to a number of things that were ignored during the ramp up to the Vivid release | 16:41 |
| tyhicks | and I want to finish the kernel patches for AppArmor kernel keyring mediation | 16:42 |
| tyhicks | it would be nice if I could get those patches out for review before Thursday but I'm not sure | 16:42 |
| tyhicks | jjohansen: you're up | 16:42 |
| mdeslaur | tyhicks: yes, that's it | 16:42 |
| tyhicks | thanks | 16:42 |
| jjohansen | I have a short week this week, I will be off Friday | 16:42 |
| jjohansen | I have a couple backported CVE kernel fixes to look at and discuss with the kernel team | 16:43 |
| jjohansen | I also have a couple more apparmor patches to get out to the kernel team, so we can get the fixes into the next round of kernels | 16:44 |
| jjohansen | bug #1430546 | 16:44 |
| ubottu | bug 1430546 in linux (Ubuntu) "apparmor kernel BUG kills firefox" [Medium,Triaged] https://launchpad.net/bugs/1430546 | 16:44 |
| jjohansen | being one of them (sorry I seem to have lost my browser tabs) | 16:45 |
| tyhicks | no problem | 16:46 |
| jjohansen | and then its back to the apparmor upstream cleanup. I plan to finish up with the domain transition cleanup/fixes this week (not that I didn't plan on finishing that bit last week :/) | 16:46 |
| jjohansen | I think that is it from me sarnold you're up | 16:47 |
| tyhicks | jjohansen: I noticed that a new AA kernel bug came in (LP: #1448912) | 16:47 |
| ubottu | Launchpad bug 1448912 in AppArmor "BUG: unable to handle kernel NULL pointer dereference" [Undecided,New] https://launchpad.net/bugs/1448912 | 16:47 |
| jjohansen | tyhicks: oh I hadn't noticed that one, yet. I'll poke at that one too, this week | 16:48 |
| tyhicks | thanks | 16:48 |
| tyhicks | sarnold: go ahead :) | 16:49 |
| sarnold | I'm in the happy place this week; I will be working more on openstack updates, and getting the hang of how the different openstack services work, etc. | 16:49 |
| mdeslaur | sarnold: FYI, I think the updates in the ppa are now out of date, more CVEs came out in the meantime | 16:50 |
| sarnold | I think I'll poke at the horizon service this week, and try to reproduce one of the issues on serverstack and try to find out if th e issue affects precise or not, and I'd love love love to get an update out the door, but .. thursdays always come so quickly | 16:50 |
| sarnold | mdeslaur: yes, I think most of those updates are now stale :( | 16:51 |
| tyhicks | getting an update out this week would be great since you're in the happy place | 16:51 |
| tyhicks | it is always a little more difficult on cve triage weeks | 16:51 |
| sarnold | yes | 16:51 |
| sarnold | so very much yes :) | 16:51 |
| tyhicks | sarnold: do you plan on updating the packages with the new fixes? | 16:51 |
| sarnold | tyhicks: I can give it ashot, I haven't actually looked into the details of any of the fixed packages in the ppa, excepting the one horizon issue | 16:52 |
| sarnold | .. nor the details of the subsequently discovered CVEs | 16:52 |
| tyhicks | sarnold: ok, we'll discuss it more in a little bit | 16:52 |
| sarnold | I may also do some apparmor patch reviews for distraction along the way | 16:53 |
| sarnold | that's me, chrisccoulson? | 16:53 |
| chrisccoulson | This week, I need to get chromium out | 16:53 |
| chrisccoulson | I'll also be working through code reviews (my queue is quite large now) | 16:53 |
| chrisccoulson | And I'm currently looking at a browser crash on the phone | 16:54 |
| chrisccoulson | Other than that, it's business as usual (hopefully) | 16:54 |
| tyhicks | thanks | 16:55 |
| tyhicks | [TOPIC] Highlighted packages | 16:55 |
| === meetingology changed the topic of #ubuntu-meeting to: Highlighted packages | ||
| tyhicks | The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. | 16:56 |
| tyhicks | See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. | 16:56 |
| tyhicks | http://people.canonical.com/~ubuntu-security/cve/pkg/mednafen.html | 16:56 |
| tyhicks | http://people.canonical.com/~ubuntu-security/cve/pkg/prewikka.html | 16:56 |
| tyhicks | http://people.canonical.com/~ubuntu-security/cve/pkg/rt-authen-externalauth.html | 16:56 |
| tyhicks | http://people.canonical.com/~ubuntu-security/cve/pkg/forked-daapd.html | 16:56 |
| tyhicks | http://people.canonical.com/~ubuntu-security/cve/pkg/mc.html | 16:56 |
| tyhicks | [TOPIC] Miscellaneous and Questions | 16:56 |
| === meetingology changed the topic of #ubuntu-meeting to: Miscellaneous and Questions | ||
| tyhicks | Does anyone have any other questions or items to discuss? | 16:56 |
| tyhicks | mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson: Thanks! | 16:58 |
| tyhicks | #endmeeting | 16:58 |
| === meetingology changed the topic of #ubuntu-meeting to: Ubuntu Meeting Grounds | Calendar/Scheduled meetings: http://fridge.ubuntu.com/calendar | Logs: https://wiki.ubuntu.com/MeetingLogs | Meetingology documentation: https://wiki.ubuntu.com/meetingology | ||
| meetingology | Meeting ended Mon Apr 27 16:58:17 2015 UTC. | 16:58 |
| meetingology | Minutes: http://ubottu.com/meetingology/logs/ubuntu-meeting/2015/ubuntu-meeting.2015-04-27-16.33.moin.txt | 16:58 |
| sbeattie | tych0: thanks! | 16:58 |
| jjohansen | thanks tyhicks | 16:58 |
| mdeslaur | thanks tyhicks! | 16:58 |
| sbeattie | double bah. | 16:58 |
| sbeattie | tyhicks: thanks! | 16:58 |
| sbeattie | tych0: sorry. | 16:58 |
| sarnold | thanks tyhicks | 16:58 |
| micahg | anyone here to discuss anything at the DMB meeting, if not, we'l reconvene in two weeks since there's nothing on the agenda for today | 19:01 |
| bdmurray | micahg: have the previous action items been taken care of? | 19:02 |
| micahg | well, the first one is still out there, the second is done, I just need to send a follow-up message, but my E-Mail client wasn't being helpful before the meeting, I'll send that today | 19:03 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!