Wikimedia Security Team/AppSec Clinic Minutes/2023-04-24

Date: 2023-04-24

Attending: CLemoisson-WMF,, , ,

Phabricator Tasks In Progress

 * 1) MMartorana_(WMF)
 * 2) T328393 - ATH tagged.
 * 3) T144097 - Investigating potential patches.
 * 4) T331477 - Tag Releng, waiting, can probably untag soon.
 * 5) T332889 - Try to understand if/who owns LogFormatter?
 * 6) T334437 - Triaged, any further action?
 * 7) MStyles_(WMF)
 * 8) T334851 - Assigned to  for secteam-implications, bring back concerns.
 * 9) T323651 - Undeploy unmerged in gerrit for now.
 * 10) T333050 - Make public.
 * 11) Reedy_(WMF)
 * 12) T333722 - Decom channel soon.
 * 13) T318825 - Assigned for follow-up.
 * 14) T321092 - Assigned for follow-up.
 * 15) T330086 - Done, add reporter to secteam HoF.
 * 16) SBassett_(WMF)
 * 17) T326871 - Waiting on AHT/Thalia response.
 * 18) T333140 - Update mitigations for user-rights.
 * 19) T334403 - Watch, for now.  Untag soon and let AHT evaluate?

Sent to Kelton

Sent to Privacy Engineering


 * 1) Tagged on T310393

New Phabricator Tasks Reviewed

 * 1) T334895 - Assigned to  for review.
 * 2) T335164 - Assigned to  for review.
 * 3) T335204 - Assigned to  for review.
 * 4) T334897 - Assigned to  for review. Declined.
 * 5) T335288 - Assigned to  for review.