Wikimedia Security Team/AppSec Clinic Minutes/2023-04-24

From mediawiki.org

Date: 2023-04-24

Attending: CLemoisson-WMF, MMartorana_(WMF), MStyles_(WMF), Reedy_(WMF), SBassett_(WMF)

Phabricator Tasks In Progress

  1. MMartorana_(WMF)
    1. T328393 - AHT tagged.
    2. T144097 - Investigating potential patches.
    3. T331477 - Tag Releng, waiting, can probably untag soon.
    4. T332889 - Try to understand if/who owns LogFormatter?
    5. T334437 - Triaged, any further action?
  2. MStyles_(WMF)
    1. T334851 - Assigned to MStyles_(WMF) for secteam-implications, bring back concerns.
    2. T323651 - Undeploy unmerged in Gerrit for now.
    3. T333050 - Make public.
  3. Reedy_(WMF)
    1. T333722 - Decom channel soon.
    2. T318825 - Assigned for follow-up.
    3. T321092 - Assigned for follow-up.
    4. T330086 - Done, add reporter to secteam HoF.
  4. SBassett_(WMF)
    1. T326871 - Waiting on AHT/Thalia response.
    2. T333140 - Update mitigations for user-rights.
    3. T334403 - Watch, for now. Untag soon and let AHT evaluate?

Sent to Kelton
Sent to Privacy Engineering

  1. Tagged on T310393

New Phabricator Tasks Reviewed

  1. T334895 - Assigned to SBassett_(WMF) for review.
  2. T335164 - Assigned to SBassett_(WMF) for review.
  3. T335204 - Assigned to Reedy_(WMF) for review.
  4. T334897 - Assigned to MMartorana_(WMF) for review. Declined.
  5. T335288 - Assigned to Reedy_(WMF) for review.