Wikimedia Security Team/AppSec Clinic Minutes/2022-05-31

Date: 2022-05-31

Attending:, ,

From Last Time

 * 1) T307278 - Result: patch still in progress
 * 2) T307750 - Our part is done, waiting on Release Engineering review for upstream fixes.
 * 3) T308583 - Assign risk, assign vuln-, tag ostensible owners
 * 4) T306514 - Still in-progress
 * 5) T308659 - Need to add to supplemental release, etc.
 * 6) T308473 - To triage, maybe help with a patch
 * 7) T309255 - To triage (non-Wikimedia deployed ext)
 * 8) T306516 - Result: no update
 * 9) T306211 - Result: no update
 * 10) T308471 - To triage, maybe help with a patch
 * 11) T308861 - To triage, log sanitization
 * 12) T309077 - Done, possibly make task public?
 * 13) T309078 - Analyzed search results, possibly triage more and add teams/owners?
 * 1) T308471 - To triage, maybe help with a patch
 * 2) T308861 - To triage, log sanitization
 * 3) T309077 - Done, possibly make task public?
 * 4) T309078 - Analyzed search results, possibly triage more and add teams/owners?

Phabricator Tasks Reviewed

 * 1) T290313 - Assigned to  for triage.
 * 2) T309411 - Assigned to  for triage.
 * 3) T309430 - Assigned to  for triage.
 * 4) Done! Removed secteam, added vuln + risk, let releng know and added related task.