Tracking of features / patches needing security review
Bugzilla Sec Queries
- Sec-Review-Needed
- Keyword: sec-review-needed
- whiteboard: (does not contain "[secr:" OR "[rat:"
- Assigned bugs
- Keyword: sec-review-needed
- whiteboard: "[secr:" OR "[rat:"
Review Active
- Security reviews are on-going
{{#ask:
Feature security status::sec-review-activeFeature security health::!Assigned
| ?#
| ?Feature name#
| ?Feature list#
| ?Feature version#
| ?Feature product manager#
| ?Feature lead engineer#
| ?Feature security lead#
| ?Feature security status#
| ?Feature security notes#
| ?Modification date#
| ?Feature security health#
| mainlabel=-
| sort=Feature priority,Feature stage
| format=template
| template=SecurityRadarListTable
}}
Review Active & Assigned
{{#ask:
Feature security status::sec-review-activeFeature security health::Assigned
| ?#
| ?Feature name#
| ?Feature list#
| ?Feature version#
| ?Feature product manager#
| ?Feature lead engineer#
| ?Feature security lead#
| ?Feature security status#
| ?Feature security notes#
| ?Modification date#
| ?Feature security health#
| mainlabel=-
| sort=Feature priority,Feature stage
| format=template
| template=SecurityRadarListTable
}}
Active Bug Reviews
| Feature
|
Status
|
Owner
|
Release Tracking
|
| SVG patterns, gradients and filters don't work when SVG is loaded from a data: URL bug 308590 |
[dveditz]impl rev |
dholbert r+:bzbarsky sr+:cbiesinger/dholbert |
FX6
|
| matchMedia support 542058 |
fuzzer modifications to scan by Jesse |
David Baron |
FX6
|
Review Needed
- triaged to need review, review unscheduled
{{#ask:
Feature security status::sec-review-neededFeature security health::!Assigned
| ?#
| ?Feature name#
| ?Feature list#
| ?Feature version#
| ?Feature product manager#
| ?Feature lead engineer#
| ?Feature security lead#
| ?Feature security status#
| ?Feature security notes#
| ?Modification date#
| ?Feature security health#
| mainlabel=-
| sort=Feature version,Feature priority,Feature stage
| format=template
| template=SecurityRadarListTable
}}
Review Needed (Assigned)
- triaged to need review, assigned to a resource
{{#ask:
Feature security status::sec-review-neededFeature security health::Assigned
| ?#
| ?Feature name#
| ?Feature list#
| ?Feature version#
| ?Feature product manager#
| ?Feature lead engineer#
| ?Feature security lead#
| ?Feature security status#
| ?Feature security notes#
| ?Modification date#
| ?Feature security health#
| mainlabel=-
| sort=Feature version,Feature priority,Feature stage
| format=template
| template=SecurityRadarListTable
}}
Review Scheduled
{{#ask:
Feature security status::sec-review-sched
| ?#
| ?Feature name#
| ?Feature list#
| ?Feature version#
| ?Feature product manager#
| ?Feature lead engineer#
| ?Feature security lead#
| ?Feature security status#
| ?Feature security notes#
| ?Modification date#
| ?Feature security health#
| mainlabel=-
| sort=Feature priority,Feature stage
| format=template
| template=SecurityRadarListTable
}}
Bug reviews Scheduled
| Feature
|
Status
|
Owner
|
Release Tracking
|
| Web Apps in Fennec bug 585958 |
changed to sec-review-needed |
Fabrice Desre / mfinkle |
|
| HTTP Pipelineing bug 264354 |
changed to sec-review-needed |
Patrick McManus |
|
Triage Needed
Other Stuff to be Scheduled
Completed Work
Bugzilla
Legend
|
|
Healthy: things are on track
|
|
|
At Risk: completion of tasks on time is at risk.
|
|
|
Blocked: security concern is blocking
|
|
|
Assignd: being worked by someone else.
|
| ETA
|
Estimated date for completion of the current feature task. Overall ETA for the feature is the product release date.
|
Old Radar Pages
stuff needing reassignment
{{#ask:
Feature security status::sec-review-needed [[Feature security notes::~bsterne*
]]
| ?#
| ?Feature name#
| ?Feature list#
| ?Feature version#
| ?Feature product manager#
| ?Feature lead engineer#
| ?Feature security lead#
| ?Feature security status#
| ?Feature security notes#
| ?Modification date#
| ?Feature security health#
| mainlabel=-
| format=template
| template=SecurityRadarListTable
}}