== Meeting == * '''Who''': SecurityTeam * '''When''': [[http://www.timeanddate.com/worldclock/fixedtime.html?month=08&day=15&year=2011&hour=28&min=0&sec=0&p1=0|Mon Aug 15th 2011 17:00 UTC]] * '''End''': 17:30 UTC * '''Where''': #ubuntu-meeting on irc.freenode.net * '''Chaired By''': JamieStrandboge (jdstrand) == Attendance == * kees * jdstrand * mdeslaur * sbeattie * micahg * jjohansen * bliss == Not present == * None == Agenda == * Review of any previous action items * Weekly stand-up report (each member discusses any pending and planned future work for the week) * jdstrand * Weekly role: happy place * Recover from blackhat/holiday * dbus/apparmor work items * few Oneiric !AppArmor profile bugs * archive admin catch-up * kees * Weekly role: triage * MIRs * mdeslaur * Weekly role: happy place * pending updates * vm-new work * sbeattie * Weekly role: community * recover from holiday * !AppArmor work items * micahg * Weekly role: happy place * pending updates * Highlighted packages The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. The highlighted packages for this week are: * [[http://people.canonical.com/~ubuntu-security/cve/pkg/kolab-cyrus-imapd.html|kolab-cyrus-imapd]]: [[http://people.canonical.com/~ubuntu-security/cve/2009/CVE-2009-2632.html|CVE-2009-2632]] [[http://people.canonical.com/~ubuntu-security/cve/2009/CVE-2009-3235.html|CVE-2009-3235]] * [[http://people.canonical.com/~ubuntu-security/cve/pkg/audacity.html|audacity]]: [[http://people.canonical.com/~ubuntu-security/cve/2009/CVE-2009-3560.html|CVE-2009-3560]] [[http://people.canonical.com/~ubuntu-security/cve/2009/CVE-2009-3720.html|CVE-2009-3720]] * [[http://people.canonical.com/~ubuntu-security/cve/pkg/neon26.html|neon26]]: [[http://people.canonical.com/~ubuntu-security/cve/2009/CVE-2009-2474.html|CVE-2009-2474]] * [[http://people.canonical.com/~ubuntu-security/cve/pkg/xymon.html|xymon]]: [[http://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-1716.html|CVE-2011-1716]] * [[http://people.canonical.com/~ubuntu-security/cve/pkg/monkeysphere.html|monkeysphere]]: [[http://people.canonical.com/~ubuntu-security/cve/2010/CVE-2010-4096.html|CVE-2010-4096]] * Miscellaneous and Questions * bliss mentions the very welcome [[http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=72fa59970f8698023045ab0713d66f3f4f96945c|acceptance of a patch]] that prevents missing setuid return code checks from being root holes == Log == Logs available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2011/ubuntu-meeting.2011-08-15-17.07.moin.txt