Wikimedia Security Team/AppSec Clinic Minutes/2023-08-21

Date: 2023-08-21

Attending: CLemoisson-WMF,, , ,


 * 1) MMartorana_(WMF)
 * 2) T144097 - Investigating potential patches.
 * 3) T334437 - Mark as invalid/decline, leave a follow-up. DONE
 * 4) T336113 - Try to find individuals via git history, etc.
 * 5) T338419 - Rate low risk, untag team. DONE
 * 6) T343664 - Triaged, looking for solutions.
 * 7) MStyles_(WMF)
 * 8) T335164 - Analysis work assigned to Maryum.
 * 9) T338238 - Set up AppSec CI includes for iPoid.
 * 10) T338611 - Check in with Releng in another week or two.
 * 11) T344130 - To review, possibly write patch.
 * 12) SBassett_(WMF)
 * 13) T326871 - Waiting on AHT/Thalia response.
 * 14) T336310 - Amir to add new group soon-ish, re-pinged.
 * 15) T343138 - Monitoring.
 * 16) T343822 - To review.

Sent to Privacy Engineering

No new tasks from the appsec clinic this week.

New Phabricator Tasks Reviewed

 * 1) T344392 Assigned to MStyles_(WMF) for review.
 * 2) T344182 Assigned to MMartorana_(WMF) for review. ACCESS GRANTED, MAKE PUBLIC.
 * 3) T344250 Assigned to MStyles_(WMF) for review.
 * 4) T344359 Assigned to SBassett_(WMF) for review.
 * 5) T344509 Assigned to MMartorana_(WMF) for review. WAITING FOR MARK OR OP.