canmove, Confirmed users, Bureaucrats and Sysops emeriti
2,776
edits
Security/Meetings/SecurityAssurance/2012-12-11: Difference between revisions
Security/Meetings/SecurityAssurance/2012-12-11 (view source)
Revision as of 15:43, 12 December 2012
, 12 December 2012no edit summary
(Created page with "{{SecAssuranceMeetingInfo}} {{TOC right}}") |
No edit summary |
||
| Line 1: | Line 1: | ||
{{SecAssuranceMeetingInfo}} | {{SecAssuranceMeetingInfo}} | ||
{{TOC right}} | {{TOC right}} | ||
=Agenda= | |||
* [curtisk] communications schedule | |||
** need updates from joes, tinfoil, michal`, dveditz, Jesse | |||
*** (see email sent this morning) | |||
* [gkw] overdue MozCamp Asia 2012 roundup | |||
* [dchan] PTO 12/26 - 01/04 | |||
* [joes] kang on PTO today (traveling to France) | |||
* [curtisk] PTO 12/26-12/28 | |||
* [decoder] Please read https://security.etherpad.mozilla.org/SecurityBlogSecurityCoverage (If you have, but had nothing to add/comment, just let me know) | |||
* Goals - Please keep status up to date - https://mana.mozilla.org/wiki/display/SECURITY/2012+-+Q4+Goals | |||
* [joes] Some other teams are already deciding their goals for Q1, so if we need things from them, better contact them this week! | |||
* Review Security Radar Page - https://wiki.mozilla.org/Security/Radar | |||
==Upcoming Speaking Engagements == | |||
* (Who) : Date: Name of Event : Talk Title: Link | |||
* Yvan Boily : Dec 15 : BSidesSeattle : Security Testing with ZAP (Seattle) | |||
* Simon Bennetts : Feb 2-3 : FOSDEM : Talking about ZAP :) | |||
=Security Review Status (curtisk)= | |||
Chart View: https://people.mozilla.com/~ckoenig/Stats/stats20121211.png | |||
* Completed in Q4 2012: | |||
* Number of Reviews Completed (so far this quarter):47 (37) | |||
** https://bugzilla.mozilla.org/buglist.cgi?list_id=4619884;resolution=FIXED;chfieldto=2012-12-31;query_format=advanced;chfield=resolution;chfieldfrom=2012-09-30;type0-0-0=anywords;component=Security%20Assurance%3A%20Review%20Request;product=mozilla.org | |||
* Number of Outstanding Reviews: 132 (140) | |||
**https://bugzil.la/comp%3A%22security%20assurance%3A%20review%20request%22 | |||
* Number of Reviews Ready For Review: 73(77) | |||
** https://bugzil.la/component%3A%22Security%20Assurance%3A%20Review%20Request%22%20%2Bsw%3A%22pending%22%20-flag%3A%22needinfo%22 | |||
* Number of reviews without risk rating:51(61) | |||
**https://bugzil.la/component%3A%22Security%20Assurance%3A%20Review%20Request%22%20-sw%3A%22%5Bneeds%20info%5D%22%20-sw%3A%22%5Bscore%3A%22 | |||
* Number of reviews without deadline set:122(130) | |||
**https://bugzilla.mozilla.org/buglist.cgi?field0-0-0=cf_due_date;query_format=advanced;resolution=---;type0-0-0=isempty;component=Security%20Assurance%3A%20Review%20Request;product=mozilla.org | |||
*Find Yours: | |||
** [https://bugzil.la/component%3A%22Security%20Assurance%3A%20Review%20Request%22%20-sw%3A%22%5Bneeds%20info%5D%22%20-sw%3A%22%5Bscore%3A%22%20owner:%25user%25 MIssing Risk Rating (Yours)] | |||
** [https://bugzilla.mozilla.org/buglist.cgi?field0-0-0=cf_due_date;query_format=advanced;resolution=---;type0-0-0=isempty;component=Security%20Assurance%3A%20Review%20Request;product=mozilla.org;field1-0-0=assigned_to;type1-0-0=equals;value1-0-0=%25user%25 Without Deadline (Yours)] | |||
=Operations Security Update (Joe Stevensen)= | |||
=Project Updates = | |||
Please don't leave blank. Add "No Update" if nothing has changed | |||
==Silent updates (rforbes / dveditz)== | |||
== B2G (Paul Theriault, David Chan) == | |||
* try run of test suite was too slow, will change test structure slightly (bug 811141) | |||
* permissions document was finalized (bug 815565) | |||
** however some of the APIs using permissions are still in flux | |||
==Thunderbird (Adam Muntner) == | |||
==Rust (Jesse Ruderman) == | |||
==Mobile (Mark Goodwin) == | |||
==Sync (Simon Bennetts) == | |||
==Services (Simon Bennetts & Adam Muntner) == | |||
==Jetpack, Add-on SDK, Add-on Builder (Dan Veditz) == | |||
==JS (Christian Holler) == | |||
* Fuzzing bug 808245 (Use YARR's new MatchOnly JIT mode) | |||
* IonMonkey threaded compilation enabled by default now | |||
==DOM, XPConnect (Jesse Ruderman) == | |||
==Layout, Style (Jesse Ruderman) == | |||
==Automation Tools (Gary Kwong) == | |||
* N | |||
==Web Developer Tools (Mark Goodwin) == | |||
== Networking (Christoph Diehl) == | |||
* "Big lock" patch just landed on m-i: https://bugzilla.mozilla.org/show_bug.cgi?id=792175 | |||
** going to re-test SDP this week | |||
== Media / Graphics (Christoph Diehl) === | |||
== Peach (Christoph Diehl / Raymond Forbes) === | |||
== Market (Raymond Forbes) == | |||
==Firefox APIs (Raymond Forbes) == | |||
==Payment Flow (Raymond Forbes) == | |||
==Dynamic API Security Model (Raymond Forbes) == | |||
==WebRT (Raymond Forbes) == | |||
==BrowserID == | |||
== Identity Services (David Chan) == | |||
==Addons.M.O (Raymond Forbes) == | |||
==Bugzilla.M.O (Mark Goodwin & Eric Parker) == | |||
==Mozillians (Raymond Forbes) == | |||
==MDN (Raymond Forbes) == | |||
==SUMO (Kitsune) () == | |||
== AddressSanitizer (Christian Holler) == | |||
* Lockup problem with zombie process remaining (on Linux), investigating... | |||