Ubuntu Wiki

Meeting

• Who: SecurityTeam

• When: Mon Jul 14th 2014 16:30 UTC

• End: 17:00 UTC

• Where: #ubuntu-meeting on irc.freenode.net

• Chaired By: JamieStrandboge (jdstrand)

Attendance

• jdstrand
• mdeslaur
• sbeattie
• tyhicks
• sarnold
• chrisccoulson

Not present

• jjohansen

Agenda

• Announcements
  • Stefan Bader (smb) provided debdiffs for saucy-utopic for xen
  Your work is very much appreciated and will keep Ubuntu users secure. Great job!
• Weekly stand-up report (each member discusses any pending and planned future work for the week)
  • jdstrand
    • weekly role: triage

    • AppArmor testing

    • click reviewers tools
    • performance reviews
  • mdeslaur
    • weekly role: community
    • embargoes update
    • libav sponsoring
    • pending updates
  • sbeattie

    • AppArmor

      • testing jjohansen's new IPC patchset
  • tyhicks

    • AppArmor

      • start on the 'implement kernel postinst policy compiles' WI and other related WIs
      • when the abstract socket mediation patches hit the list, switch to that
  • sarnold
    • weekly role: happy place
    • trust-store MIR
    • merge request reviews

    • AppArmor patch review (when they hit the list)

    • review https://code.launchpad.net/~mterry/unity8/dialer-above

    • review https://code.launchpad.net/~mterry/ubuntu-system-settings/locking-hash/+merge/224346

    • work items
  • chrisccoulson
    • automation for oxide builds
    • chomium-browser sponsored upload
    • prepare oxide for chromium 36
• Highlighted packages

  The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so. See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved. The highlighted packages for this week are:

  The Ubuntu Security team suggests that contributors look into merging Debian security updates in community-supported packages. If you would like to help Ubuntu but are not sure where to start, this is a great way to do so. See the available merges and SecurityTeam/UpdateProcedures for details on preparing Ubuntu security updates. If you have any questions, feel free to ask in #ubuntu-hardened. To find out other ways of helping out, please see SecurityTeam/GettingInvolved.

• Miscellaneous and Questions

Log

Meeting bot not available at time of meeting. Here are the logs:

12:12 < jdstrand> #startmeeting
12:12 < jdstrand> The meeting agenda can be found at:
12:12 < jdstrand> [LINK] https://wiki.ubuntu.com/SecurityTeam/Meeting
12:12 < jdstrand> [TOPIC] Announcements
12:12 < jdstrand> Stefan Bader (smb) provided debdiffs for saucy-utopic for xen
12:12 < jdstrand> Your work is very much appreciated and will keep Ubuntu users secure. Great job!
12:12 < jdstrand> [TOPIC] Weekly stand-up report
12:12 < jdstrand> I'll go first
12:12 < jdstrand> I'm on triage this week
12:13 < jdstrand> I plan to do apparmor testing of tyhicks packaging of jjohansen's work
12:13 < jdstrand> I've got a bunch of stuff to do for the click-reviewers-tools (click package audits/checks/etc)
12:14 < jdstrand> I've been working on that this morning. I figure I've got another day of that and then should be all caught up with all the new click hooks
12:14 < jdstrand> need to get serious about performance reviews
12:14 < jdstrand> mdeslaur: you're up
12:14 < mdeslaur> I'm on community this week
12:14 < mdeslaur> I'm currently working on an embargoed issue
12:14 < mdeslaur> and then I have some community libav updates to sponsor
12:15 < mdeslaur> and I have a bunch of pending security updates to test and release
12:15 < mdeslaur> that's it for me, sbeattie
12:15 -!- sarnold [~sarnold@98.232.132.149] has joined #ubuntu-meeting
12:15 < sbeattie> I'm focusing on apparmor this week
12:16 < sbeattie> In particular, focusing on testing jjohansen's stuff
12:16 < sbeattie> Which is pretty much it for me. tyhicks?
12:17 < tyhicks> I'm going to start on the 'implement kernel postinst policy compiles' WI and other related WIs
12:18 < tyhicks> when the abstract socket mediation patches hit the list, I'll switch to preparing the new apparmor upload
12:18 < tyhicks> that's it for me
12:18 < tyhicks> sarnold: you're up now (jj is away)
12:19 < sarnold> I'm in happy place this week; I'm finishing the trust-store MIR today, a few merge requests to review, likely some apparmor patches to review, and blueprint items to continue working on
12:19 -!- jsalisbury [~jsalisbur@209.117.47.251] has joined #ubuntu-meeting
12:19 < sarnold> chrisccoulson: you're up
12:20 < jdstrand> sarnold: can you also review https://code.launchpad.net/~mterry/unity8/dialer-above and...
12:20 < jdstrand> https://code.launchpad.net/~mterry/ubuntu-system-settings/locking-hash/+merge/224346
12:21 < jdstrand> sarnold: they are related to all the password setting stuff you've been doing
12:21 < sarnold> jdstrand: sure :)
12:21 < jdstrand> thanks
12:22 < jdstrand> I think mdeslaur was also asked for a review of https://code.launchpad.net/~mterry/unity8/dialer-above/+merge/226476, so you guys can fight over it :)
12:23 -!- cking [~king@cpc3-craw6-2-0-cust180.croy.cable.virginm.net] has quit [Quit: Ex-Chat]
12:23 < sarnold> heh, he kicked it to me pretty quickly :)
12:24 < mdeslaur> jdstrand: I gave all of those to sarnold
12:24 < jdstrand> cool
12:25 < jdstrand> ok, chrisccoulson, you're up
12:25 < mdeslaur> sarnold: those were on your list, right?
12:26 < sarnold> mdeslaur: dialer-above was, i don't recall the locking-hash url
12:26 -!- bbcmicrocomputer [~bbcmicroc@unaffiliated/bbcmicrocomputer] has quit [Quit: Leaving]
12:27 < mdeslaur> sarnold: it says the merge review was requested from you on 2014-06-24, did you not get the email?
12:27 < sarnold> mdeslaur: yikes, that's a long time ago...
12:28 < mdeslaur> ah, the merge proposal was updated after your comments
12:29 < mdeslaur> I guess you can't re-ask for a review
12:29 < mdeslaur> sarnold: anyway, please add it to your list
12:31 < jdstrand> chrisccoulson doesn't seem to be available
12:32 < sarnold> mdeslaur: ahhh, looks like locking-hash was the original pin implementation and then re-used for the PAM merge, right?
12:32 < mdeslaur> yeah, looks like it
12:32 < jdstrand> sarnold: are you done?
12:32  * jdstrand assumes the rest of this could be handled offline
12:32 < sarnold> mdeslaur: funny, the first email I can find from launchpad about it was on july 4. o_O
12:32 < sarnold> jdstrand: yeah
12:32 < jdstrand> [TOPIC] Highlighted packages
12:32 < jdstrand> The Ubuntu Security team will highlight some community-supported packages that might be good candidates for updating and or triaging. If you would like to help Ubuntu and not sure where to start, this is a great way to do so.
12:33 < jdstrand> See https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures for details and if you have any questions, feel free to ask in #ubuntu-security. To find out other ways of helping out, please see https://wiki.ubuntu.com/SecurityTeam/GettingInvolved.
12:33 < jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/sanlock.html
12:33 < jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/zookeeper.html
12:33 < jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/jetty.html
12:33 < jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/cxxtools.html
12:33 < jdstrand> http://people.canonical.com/~ubuntu-security/cve/pkg/merkaartor.html
12:33 < jdstrand> [TOPIC] Miscellaneous and Questions
12:34 < chrisccoulson> oh, sorry, was having dinner :/
12:35 < mdeslaur> chrisccoulson: ok, your turn
12:36 < chrisccoulson> this week I'm focused on getting automation for oxide daily builds finished. Also, the chromium update that was meant to happen last week didn't happen (issues with webapps), but that is going to happen this week
12:36 < chrisccoulson> hopefully tomorrow
12:36 < chrisccoulson> although, chromium 36 is planned for this week too :)
12:36 < sarnold> busy week :)
12:36 < chrisccoulson> the good news is that we'll be able to push oxide on time, at least ;)
12:38 < chrisccoulson> once I've done the daily build stuff, I'm going to tackle bug 1326070, as we have quite a few hacks building up in the browser that are only there because this feature is missing
12:38 < ubottu> bug 1326070 in Oxide "Add support for context menus" [High,Triaged] https://launchpad.net/bugs/1326070
12:38 < chrisccoulson> that's about it, I think
12:38 < jdstrand> chrisccoulson: thanks, and sorry the meeting was late
12:38 < chrisccoulson> sure, no worries :)
12:39 < jdstrand> Does anyone have any other questions or items to discuss?