VOOZH about

URL: https://phabricator.wikimedia.org/T242287

⇱ ⚓ T242287 Update https://www.mediawiki.org/wiki/Reporting_security_bugs

Maniphest T242287

Update https://www.mediawiki.org/wiki/Reporting_security_bugs
Open, MediumPublic

Description

We are conflating:

  • security bugs assignment and triage
  • active incident escalation and response
  • general security contact
  • etc

https://www.mediawiki.org/wiki/Reporting_security_bugs

The page overall needs love and esp post T240490: Revamping Security-Team Work Intake and Flows

@Dsharpe I think this may fall into your hands with the whole clinic/reactor/tier 1 stuff.

Event Timeline

chasemp triaged this task as Medium priority.Jan 8 2020, 9:20 PM
chasemp updated the task description. (Show Details)
chasemp moved this task from Incoming to Back Orders on the Security-Team board.
Comment Actions

Is there anything outcome from T242288 (which I cannot access) which might also help with this task?

Comment Actions

Is there anything outcome from T242288 (which I cannot access) which might also help with this task?

Likely no. There were some items which were discussed and/or completed in T242288#5828061, but they are exclusively internal processes for the Security-Team. I don't have a problem sharing that task with you - either by giving you temporary access to or some secure communication channel, if you'd like to review it for yourself. Just let me know.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits