Ubuntu Wiki

Meeting

• Who: SecurityTeam

• When: Mon Aug 6th 2012 18:00 UTC

• End: 18:30 UTC

• Where: #ubuntu-meeting on irc.freenode.net

• Chaired By: JamieStrandboge (jdstrand)

Attendance

• jdstrand
• tyhicks
• micahg
• mdeslaur
• jjohansen
• ScottK

Not present

• sbeattie

Agenda

• Announcements
  • Thanks to the following individuals:
    • Felix Geyer (debfx) provided debdiffs for oneiric-precise for ruby-actionpack-2.3 (LP: #1030984)

    • Mike McClurg (mike-mcclurg) provided a debdiff for precise for xen-api (LP: #1031375)

    Your work is very much appreciated and will keep Ubuntu users secure. Great job!

• Weekly stand-up report (each member discusses any pending and planned future work for the week)
  • jdstrand
    • Weekly role: happy place
    • Finish MIR audits
    • recruiting
    • pending updates
  • mdeslaur
    • weekly role: community
    • pending updates
  • sbeattie - on holiday
  • micahg
    • Weekly role: happy place
    • webkit
    • icedtea-web regression SRU for sbeattie
  • tyhicks
    • Weekly role: triage
    • pending updates
    • ecryptfs data corruption when downloading large files
  • jjohansen
    • Weekly role: happy place
    • investigate 2 new apparmor issues and an older qrt kernel failure
    • push 3rd iteration of locking with additional patches
• Highlighted packages

  The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. The highlighted packages for this week are:

  The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. See the available merges and SecurityTeam/UpdateProcedures for details on preparing Ubuntu security updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see SecurityTeam/GettingInvolved.

• Miscellaneous and Questions

  • There are a lot of merge opportunities for packages listed in http://people.canonical.com/~ubuntu-security/d2u/. Performing these updates is a great way to help Ubuntu and bolster your developer application.

  • [!ScottK] The Calligra/KOffice issue is in an embedded copy of wv2. We also have a packaged wv2 that's significantly older. Asked if we could look at wv to see if it was also affected. mdeslaur said it seemed to be. !ScottK mentioned it FTBFS on quantal with the patch. micahg said it looked like a gcc-4.7 issue and ScottK! said he'd find someone to help him with it.

Log

Logs available at http://ubottu.com/meetingology/logs/ubuntu-meeting/2012/ubuntu-meeting.2012-08-06-18.13.html