Wikimedia Security Team/AppSec Clinic Minutes/2022-07-11
Date: 2022-07-11
Attending: MMartorana_(WMF), MStyles_(WMF), SBassett_(WMF)
Phabricator Tasks In Progress
edit- MMartorana_(WMF)
- T307278 - Patch still in progress
- T309894 - Tag MW-Core, core platform, determine ownership
- Maybe untag Editing-Team, review git history/blame for better maintainer list...
- T310763 - Assigned to MMartorana_(WMF) for triage/CR
- Patch has been proposed...
- T311180 - Assigned to MMartorana_(WMF) for triage/CR
- Need to further research issue and find potential maintainers
- T311652 - Resolved, hurray!
- MStyles_(WMF)
- T306514 - Still in-progress
- T309255 - Recommended retire affected extension, under further review
- T309943 - Zabe added, tag Traffic/Brandon, see who can look at remaining items
- T310069 - Verify tagged teams, members for further review, move off secteam incoming
- Subbu responded
- T311337 - Assigned to MStyles_(WMF) for triage/CR
- Include in next supplemental release, patch still needs CR, then security deploy
- T311721 - Assigned to MStyles_(WMF) for triage/CR.
- Reedy_(WMF)
- SBassett_(WMF)
- T298784 - Security access, to discuss with JCross_(WMF)
- T311960 - Assigned to SBassett_(WMF) for triage/CR.
- Untagged secteam (not a prod-deployed ext), assigned vuln class, risk and #secteam-processed.
- T312733 - Assigned to SBassett_(WMF) for triage/CR.
- Untagged secteam (not a prod-deployed ext), assigned risk and #secteam-processed.
New Phabricator Tasks Reviewed
edit- T312506 - Assigned to MStyles_(WMF) for assessment-related follow-up.
- T312282 - Assigned to MMartorana_(WMF) for triage/CR.