Meeting

• Who: SecurityTeam

• When: Mon May 13th 2013 16:30 UTC

• End: 17:00 UTC

• Where: #ubuntu-meeting on irc.freenode.net

• Chaired By: JamieStrandboge (jdstrand)

Attendance

• jdstrand
• mdeslaur
• sbeattie
• tyhicks
• jjohansen
• sarnold
• chrisccoulson

Not present

• None

Agenda

• Announcements
  • Francois Trahan (francois-trahan) provided diffs for precise-raring for fwlogwatch (LP: #1178281)

  • Your work is very much appreciated and will keep Ubuntu users secure. Great job!

• Actions
• Weekly stand-up report (each member discusses any pending and planned future work for the week)
  • jdstrand
    • weekly role: triage
    • vUDS
    • pending update
    • various sprint followups
    • patch pilot
    • short week
  • mdeslaur
    • weekly role: community
    • vUDS
    • pending updates

    • upstart/!AppArmor integration

  • sbeattie
    • weekly role: happy place
    • vUDS

    • AppArmor

      • security-s-appisolation-sdk (currently on getting easyprof to support json input)
      • finish aa-easyprof templates for qml apps and html5 apps
  • tyhicks
    • weekly role: happy place
    • short week
    • vUDS

    • AppArmor

      • security-s-appisolation-dbus-performance
      • DBus syntax changes
  • jjohansen
    • weekly role: happy place

    • AppArmor

      • appdev-s-appisolation-signals-ipc-ptrace
      • prep for May meeting
      • fix recent kernel bug in default profile
  • sarnold
    • weekly role: community

    • AppArmor patch review

    • upstart/!AppArmor patch review

  • chrisccoulson
    • weekly role: happy place
    • getting up to speed on chrome
    • Mozilla security updates
    • investigating hang in firefox 20
    • embargoed update
• Highlighted packages

  The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. The highlighted packages for this week are:

  The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. See the available merges and SecurityTeam/UpdateProcedures for details on preparing Ubuntu security updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see SecurityTeam/GettingInvolved.

• Miscellaneous and Questions

  • sarnold> I'm curious about our proposed favored ssl/tls bindings in our SDK.. do we have an API there that's better than OpenSSL's for application authors to use?

    • jdstrand mentioned Qt has some, yes (but that would require writing in C++)
    • sarlond will follow-up with bzoltan from the SDK team

Log

Log bot was down during this meeting