Wikimedia Security Team/AppSec Clinic Minutes/2023-04-12

Date: 2023-04-12

Attending: ACooper-WMF, CLemoisson-WMF, ,

Phabricator Tasks In Progress

 * 1) MMartorana_(WMF)
 * 2) T328393 - Try to find CU maintainers interested in fixing.
 * 3) T144097 - Investigating potential patches.
 * 4) T331477 - Tag Releng, reach out to DC folks about info leaks.
 * 5) T332889 - Try to understand if/who owns LogFormatter?
 * 6) T333723 - Ask if can be public, suggest filing new feature (url checker) as public bug.
 * 7) MStyles_(WMF)
 * 8) T323651 - Suggest undeploy, Scott also looking into rebase of patch.
 * 9) T333050 - Need to get reviewers for public gerrit patch.
 * 10) Reedy_(WMF)
 * 11) T318825 - Assigned for follow-up.
 * 12) T321092 - Assigned for follow-up.
 * 13) T330086 - Done, Reedy to include w/ next sec release.
 * 14) SBassett_(WMF)
 * 15) T326871 - Waiting on AHT/Thalia response.
 * 16) T328568 - Push reviewers for merge.
 * 17) T333140 - Keep monitoring incident, feel like mitigation is in good place now.
 * 18) T333722 - Reach out to Sam to decom channel.

Sent to Kelton

Sent to Privacy Engineering

New Phabricator Tasks Reviewed

 * 1) T334437 - Assigned to  for review.
 * 2) T334403 - Assigned to  for review.