Wikimedia Security Team/AppSec Clinic Minutes/2023-04-03

Date: 2023-04-03

Attending: CLemoisson-WMF, MMartorana_(WMF), MStyles_(WMF), SBassett_(WMF)

Phabricator Tasks In Progress

edit
  1. MMartorana_(WMF)
    1. T328393 - Try to find CU maintainers interested in fixing.
    2. T144097 - Investigating potential patches.
    3. T331477 - Assigned to MMartorana_(WMF) for triage, classification, unwatch.
    4. T332495 - Declined. Can be removed.
    5. T332889 - Try to understand if/who owns LogFormatter?
  2. MStyles_(WMF)
    1. T323651 - Suggest undeploy, Scott also looking into rebase of patch.
    2. T333050 - Need to get reviewers for public gerrit patch.
  3. Reedy_(WMF)
    1. T318825 - Assigned for follow-up.
    2. T321092 - Assigned for follow-up.
    3. T330086 - Done, Reedy to include w/ next sec release.
  4. SBassett_(WMF)
    1. T326871 - Waiting on AHT/Thalia response.
    2. T328568 - Push reviewers for merge.
    3. T333140 - Sec deploy today.

Sent to Kelton
Sent to Privacy Engineering

New Phabricator Tasks Reviewed

edit
  1. T333722 - Assigned to SBassett_(WMF) for review.
  2. T333723 - Assigned to MMartorana_(WMF) to comment (maybe) and then decline. -> Declined, not sure it should be made public though.
  3. T333730 - Assigned to MStyles_(WMF) for review.