[16:37] <tyhicks> hello
[16:38] <jjohansen> \o
[16:38] <tyhicks> #startmeeting
[16:38] <meetingology> Meeting started Mon May 18 16:38:31 2015 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
[16:38] <meetingology> Available commands: action commands idea info link nick
[16:38] <tyhicks> The meeting agenda can be found at:
[16:38] <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
[16:38] <tyhicks> [TOPIC] Weekly stand-up report
[16:38] <tyhicks> jdstrand: you're up
[16:45] <jdstrand> hi!
[16:45] <jdstrand> sorry
[16:45] <jdstrand> so, this week I am working on planning out our work
[16:45] <jdstrand> I finished up the libseccomp SRU and it is just waiting for the week to pass
[16:46] <jdstrand> I need to get back to seccomp policy updates on snappy and review tools work
[16:47] <jdstrand> I'm also working on getting core and touch security support nailed down, so then we can define our processes, update tools, etc
[16:47] <jdstrand> that's it from me
[16:48] <tyhicks> sbeattie: you're up
[16:48] <sbeattie> I'm on cve triage this week.
[16:48] <sbeattie> The rsyslog trusty SRU I did was released to trusty-updates.
[16:48] <sbeattie> My wily apparmor upload is still waiting to migrate from wily-proposed but is blocked on bogus test failures in other packages. I made
[16:48] <sbeattie>  a query in #ubuntu-release but got no response.
[16:48] <sbeattie> I've finished the paperwork for the trusty apparmor SRU, I just need to bug someone to copy it over from the security-proposed ppa to the trusty-proposed queue.
[16:48] <sbeattie> someone == jdstrand :)
[16:49] <sbeattie> I have some upstream apparmor patches to review for an impending 2.10 release, which is needed for the planned systemd apparmor integration.
[16:49] <sbeattie> I think I can finally get back the gcc-pie work this week
[16:49] <sbeattie> That's pretty much it for me. tyhicks: you're up.
[16:50] <tyhicks> I'm in the happy place this week
[16:50] <tyhicks> I have more to do around team work planning
[16:51] <tyhicks> add kernel keyring mediation support to AppArmor parser
[16:51] <tyhicks> revive patch security updates
[16:51] <tyhicks> Send proposed fix for bug #1427264 to upstream schroot
[16:51] <tyhicks> Come up with a fix for bug #1438942
[16:51] <jdstrand> sbeattie: 2.8.95~2430-0ubuntu5.2 to trusty-proposed?
[16:51] <tyhicks> embargoed issue
[16:51] <sbeattie> jdstrand: yes, indeed.
[16:52] <jdstrand> sbeattie: done
[16:52] <sbeattie> jdstrand: thanks!
[16:52] <tyhicks> that's it for me
[16:52] <tyhicks> jjohansen: you're up
[16:52] <jjohansen> well I have the next round of kernel security sign-offs to finish up this morning
[16:53] <jjohansen> I have my patchset for upstream that I didn't quite finish up with last week to finish off with
[16:54] <jjohansen> and then its back to rest of the cleanup, for upstreaming
[16:55] <jjohansen> oh and I will be synching up on the dconf work, I'm not sure what is there but there will be some time on that
[16:56] <jjohansen> thats it for me sarnold you're up
[16:56] <sarnold> I'm on community this week; there's still some outstanding sync matches in d2u. I don't think I'll try tackling any of the merge matches this week though.
[16:57] <sarnold> I'll also be working on tracking down our current status with openstack CVEs, some are silently fixed by server-team updates along the way, some are still outstanding.
[16:57] <sarnold> I may also sneak in an apparmor patch review or two for variety.
[16:57] <sarnold> that's it for me, chrisccoulson?
[16:58] <chrisccoulson> I'm just doing the thunderbird publication, which is my only planned update for this week \o/
[16:58] <tyhicks> nice :)
[16:59] <chrisccoulson> I got through some reviews last week. I plan to get https://code.launchpad.net/~osomon/oxide/context-menu/+merge/257351 done and also look at the branches that have been updated since I commented on them
[16:59] <chrisccoulson> Other than that, I'll be working through whatever I can get done on https://launchpad.net/oxide/+milestone/branch-1.8
[17:00] <chrisccoulson> I think that's me done
[17:01] <tyhicks> thanks
[17:01] <tyhicks> [TOPIC] Highlighted packages
[17:01] <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
[17:01] <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
[17:02] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/autojump.html
[17:02] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/ganeti.html
[17:02] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/davfs2.html
[17:02] <tyhicks> [TOPIC] Miscellaneous and Questions
[17:02] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/libtar.html
[17:02] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/rawtherapee.html
[17:02] <tyhicks> Does anyone have any other questions or items to discuss?
[17:03] <tyhicks> jdstrand, sbeattie, jjohansen, sarnold, ChrisCoulson: Thanks!
[17:03] <tyhicks> #endmeeting
[17:03] <meetingology> Meeting ended Mon May 18 17:03:57 2015 UTC.
[17:03] <meetingology> Minutes:        http://ubottu.com/meetingology/logs/ubuntu-meeting/2015/ubuntu-meeting.2015-05-18-16.38.moin.txt
[17:04] <jjohansen> thanks tyhicks
[17:04] <sarnold> thanks tyhicks
[17:04] <sbeattie> tyhicks: thanks!