[05:33] <Kilos> o/
[16:32] <tyhicks> hello
[16:32] <mdeslaur> \o
[16:32] <tyhicks> #startmeeting
[16:32] <meetingology> Meeting started Mon Mar  7 16:32:55 2016 UTC.  The chair is tyhicks. Information about MeetBot at http://wiki.ubuntu.com/meetingology.
[16:32] <meetingology> Available commands: action commands idea info link nick
[16:32] <tyhicks> The meeting agenda can be found at:
[16:33] <tyhicks> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
[16:33] <tyhicks> [TOPIC] Weekly stand-up report
[16:33] <tyhicks> jdstrand: you're up
[16:35] <jdstrand> hi
[16:36] <jdstrand> so this week I will be working with the snappy core team on integrating security policies into interfaces
[16:36] <jdstrand> I also plan to work on security policies for snappy on classic
[16:37] <jdstrand> I have 2-3 embargoed items I'm working on
[16:37] <jdstrand> mdeslaur: you're up
[16:37] <mdeslaur> I'm currently testing a django regression fix for the regression fix that I'll be publishing today
[16:37] <mdeslaur> hopefully we won't require a regression fix for the regression fix for the regression fix
[16:38] <mdeslaur> I have an embargoed issue I'm working on
[16:38] <mdeslaur> and I plan on going down the list after that
[16:38] <mdeslaur> I'm on bug triage too
[16:38] <mdeslaur> that's about it
[16:38] <mdeslaur> sbeattie: you're up
[16:38] <sbeattie> I'm on cve triage this week
[16:39] <sbeattie> I'll also be going through the more recent pie-rebuild test results, and prepping fixes where needed.
[16:40] <sbeattie> I have an update that's been sitting on the back burner that I need to get off my plate
[16:40] <sbeattie> that'll probably consume my week
[16:40] <mdeslaur> sbeattie: what update?
[16:40] <sbeattie> pillow
[16:40] <mdeslaur> ah, I think there's been another CVE for that, in case you weren't aware
[16:41] <sbeattie> It was assigned after the fact, but I'd pulled the fix in for it initially
[16:41] <mdeslaur> oh, cool
[16:41] <tyhicks> I'm in the happy place this week
[16:41] <sbeattie> I stalled out on one of the patches not backporting cleanly, and then the tests to confirm things had changed drastically.
[16:42] <sbeattie> tyhicks: I'm done
[16:42] <tyhicks> thanks
[16:42] <tyhicks> I'm focused on AppArmor stacking again... specifically finishing the regression tests for stacking
[16:42] <tyhicks> I think that'll wrap up all of the userspace changes required to land stacking
[16:43] <jdstrand> \o/
[16:43] <tyhicks> and we hope to land the stacking changes late this week so that'll take some time, as well
[16:43] <tyhicks> I'm still trying to get time to fix the eCryptfs parallel copy file corruption bug (LP: #1543633)
[16:43] <tyhicks> and I have an embargoed issue
[16:44] <tyhicks> that's it for me
[16:44] <tyhicks> jjohansen: you're up
[16:45] <jjohansen> I am focused on AppArmor stacking as well. specifically working through the rather long list of issues that remain
[16:46]  * jjohansen is not as confident as tyhicks of landing it late this week
[16:46] <tyhicks> I'm not necessarily confident but that's the goal :)
[16:47] <jjohansen> that is going to take all week, and if by some miracle it doesn't then I will work on updating the upstream trees, and chasing some of the outstanding bugs
[16:47] <jjohansen> sure, I just wanted to point out I am more pessimistic :P
[16:47]  * jjohansen is done sarnold you're up
[16:49] <sarnold> heh if we're aiming at landing stacking this week it feels like we all out to be writing tests .. oof
[16:50] <sarnold> I'm on community this week; i'm working on the fwupd mir first, then .. hmm, I forget the name of the next one on the list
[16:50] <sarnold> i'd also like to poke along a feature freeze exception for libvirt's zfsonlinux support
[16:51] <sarnold> and I'll try to review the apparmor stacking patches ^^ when it makes sense
[16:51] <tyhicks> golang-websocket-dev is the next MIR on the list
[16:51] <sarnold> aha, thanks :)
[16:51] <sarnold> it's also a short week for me
[16:52] <sarnold> that's it for me, chrisccoulson?
[16:52] <chrisccoulson> I've got Firefox and Oxide updates to do this week. I shall also (hopefully) be sponsoring Chromium updates
[16:53] <chrisccoulson> I spent some time last week debugging performance issues on Freiza. I don't plan to spend any more time on that this week, which means I can hopefully crack on with convergence work in Oxide
[16:53] <chrisccoulson> That's me done :)
[16:54] <tyhicks> thanks chrisccoulson :)
[16:54] <tyhicks> [TOPIC] Highlighted packages
[16:54] <tyhicks> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
[16:55] <tyhicks> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
[16:55] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/snack.html
[16:55] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/jansson.html
[16:55] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/groovy2.html
[16:55] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/oath-toolkit.html
[16:55] <tyhicks> http://people.canonical.com/~ubuntu-security/cve/pkg/wv2.html
[16:56] <tyhicks> [TOPIC] Miscellaneous and Questions
[16:56] <tyhicks> Does anyone have any other questions or items to discuss?
[16:57] <tyhicks> jdstrand, mdeslaur, sbeattie, jjohansen, sarnold, ChrisCoulson: Thanks!
[16:58] <tyhicks> #endmeeting
[16:58] <meetingology> Meeting ended Mon Mar  7 16:58:02 2016 UTC.
[16:58] <meetingology> Minutes:        http://ubottu.com/meetingology/logs/ubuntu-meeting/2016/ubuntu-meeting.2016-03-07-16.32.moin.txt
[16:58] <sarnold> thanks tyhicks!
[16:58] <jdstrand> tyhicks: thanks!
[16:58] <jjohansen> thanks tyhicks