Wikimedia Security Team/AppSec Clinic Minutes/2022-08-22

Date: 2022-08-22

Attending: MMartorana_(WMF), MStyles_(WMF), SBassett_(WMF)

Phabricator Tasks In Progress[edit]

1. MMartorana_(WMF)
   1. T307278 - Patch deployed.
   2. T311180 - Need to further research issue and find potential maintainers.
   3. T312820 - Asked TGR to fix the issue, otherwise I will work on a patch.
   4. T314245 - Patch ready to be deployed.
2. MStyles_(WMF)
   1. T311337 - Waiting on requesters.
      1. Include in next supplemental release, patch still needs CR, then security deploy
   2. T312951 - Waiting on user follow-up to grant access.
   3. T313241 - Niklas responded, Maryum to follow up.
   4. T314425 - Assigned to MStyles (WMF) for assessment-related follow-up.
   5. T315123 - Assigned to MStyles_(WMF) for assessment-related follow-up.
3. Reedy_(WMF)
   1. T315366 - Assigned to Reedy_(WMF) for log analysis.
   2. T306516 - No update at this time
   3. T306211 - No update at this time
   4. T309703 - No update at this time
   5. T310393 - No update at this time
   6. T311368 - No update at this time
   7. T314215 - No update at this time
4. SBassett_(WMF)
   1. T310763 - Attempting security patch deploy today.
   2. T313898 - Assigned to SBassett_(WMF) for assessment-related follow-up.
   3. T314884 - Assigned to SBassett_(WMF) to ponder and bring to Jen's attention.

New Phabricator Tasks Reviewed[edit]

1. T315407 - Assigned to MMartorana_(WMF) for follow-up.
2. T315426 - Assigned to MMartorana_(WMF) for assessment-related follow-up.
3. T315570 - Assigned to MStyles_(WMF) for assessment-related follow-up.
4. T315679 - Assigned to MMartorana_(WMF) account added. Can be closed.
5. T315820 - Assigned to SBassett_(WMF) for assessment-related follow-up.