Page MenuHomePhabricator
Create Task
Maniphest T242287

Update https://www.mediawiki.org/wiki/Reporting_security_bugs
Open, MediumPublic
Actions

Description

We are conflating:

  • security bugs assignment and triage
  • active incident escalation and response
  • general security contact
  • etc

https://www.mediawiki.org/wiki/Reporting_security_bugs

The page overall needs love and esp post T240490: Revamping Security-Team Work Intake and Flows

@Dsharpe I think this may fall into your hands with the whole clinic/reactor/tier 1 stuff.

Related Objects

Event Timeline

chasemp created this task.Jan 8 2020, 9:20 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 8 2020, 9:20 PM
chasemp triaged this task as Medium priority.Jan 8 2020, 9:20 PM
chasemp updated the task description. (Show Details)
chasemp moved this task from Incoming to Back Orders on the Security-Team board.
DannyS712 moved this task from Backlog to Update or Improvement Needed to Existing Technical Documentation on the Documentation board.Jan 11 2020, 5:02 AM
chasemp updated the task description. (Show Details)Jan 17 2020, 5:25 PM
chasemp mentioned this in T240490: Revamping Security-Team Work Intake and Flows.Mar 24 2020, 3:39 PM
Aklapper added a comment.Nov 2 2020, 8:07 PM

Is there anything outcome from T242288 (which I cannot access) which might also help with this task?

sbassett subscribed.Nov 2 2020, 8:32 PM
In T242287#6598042, @Aklapper wrote:

Is there anything outcome from T242288 (which I cannot access) which might also help with this task?

Likely no. There were some items which were discussed and/or completed in T242288#5828061, but they are exclusively internal processes for the Security-Team. I don't have a problem sharing that task with you - either by giving you temporary access to #acl*security_team or some secure communication channel, if you'd like to review it for yourself. Just let me know.

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits