Security/Archived/Radar

From MozillaWiki
Jump to navigation Jump to search

Tracking of features / patches needing security review

Bugzilla Sec Queries

sec-review-needed

sec-review-complete

Review Active

  • Security reviews are on-going
{{#ask: Feature security status::sec-review-active | ?# | ?Feature name# | ?Feature list# | ?Feature version# | ?Feature product manager# | ?Feature security lead# | ?Feature security status# | ?Feature security notes# | ?Modification date# | ?Feature security health# | mainlabel=- | sort=Feature priority,Feature stage | format=template | template=SecurityRadarListTable }}
Feature Feature List Target Rel Prod Mgr Security lead Security status Security notes Last Modified

Active Bug Reviews

Feature Status Owner Release Tracking
560112 (dataset) Implement HTML5 dataset attribute Review completed 06.28, work ongoing --> Notes Assigned to: wchen Review?:mrbkap\jonas FX6
Toolbar-less app tabs review meeting held 06.08, work on going --> Notes Alex Limi
Ensure GCLI commands are executed securely 651081 reviewed 06.15 --> Notes jwalker
SVG patterns, gradients and filters don't work when SVG is loaded from a data: URL bug 308590 [dveditz]impl rev dholbert r+:bzbarsky sr+:cbiesinger/dholbert FX6
bug 50660[FILE]Drag and drop for file upload form control [dchan] review and report Michael Ventnor r+:jst enndeakin FX7
matchMedia support 542058 fuzzer modifications to scan by Jesse David Baron FX6
Firefox-native Verified Email Client Discussion on-going Dan Mills FX7
Accelerated composition of layers on mobile using OpenGL ES needs fuzzing, mobile fuzzing research needed : Jesse Stuart Parmenter FX7
WebSockets bug 640003 Reviewed 05.27 *Next item: Threat Model dchan & bsmith 06.10 blizzard FX6 ??


Review Needed

  • triaged to need review, review unscheduled
{{#ask: Feature security status::sec-review-needed | ?# | ?Feature name# | ?Feature list# | ?Feature version# | ?Feature product manager# | ?Feature security lead# | ?Feature security status# | ?Feature security notes# | ?Modification date# | ?Feature security health# | mainlabel=- | sort=Feature version,Feature priority,Feature stage | format=template | template=SecurityRadarListTable }}
Feature Feature List Target Rel Prod Mgr Security lead Security status Security notes Last Modified

Review Scheduled

  • A review is scheduled
{{#ask: Feature security status::sec-review-sched | ?# | ?Feature name# | ?Feature list# | ?Feature version# | ?Feature product manager# | ?Feature security lead# | ?Feature security status# | ?Feature security notes# | ?Modification date# | ?Feature security health# | mainlabel=- | sort=Feature priority,Feature stage | format=template | template=SecurityRadarListTable }}
Feature Feature List Target Rel Prod Mgr Security lead Security status Security notes Last Modified

Bug reviews Scheduled

Feature Status Owner Release Tracking
Web Apps in Fennec bug 585958 review sched 07.27 Fabrice Desre / mfinkle
HTTP Pipelineing bug 264354 review sched 08.10 Patrick McManus

Untriaged

  • These items need to be triaged
  • sorted by hidden items Feature priority & Feature stage asc

On Some Release

{{#ask: Feature version::!`Feature security status::` | ?# | ?Feature name# | ?Feature list# | ?Feature version# | ?Feature product manager# | ?Feature security lead# | ?Feature security status# | ?Feature security notes# | ?Modification date# | ?Feature security health# | mainlabel=- | sort=Feature version | format=template | template=SecurityRadarListTable | limit =100000 }}
Feature Feature List Target Rel Prod Mgr Security lead Security status Security notes Last Modified

Not on a Release

{{#ask: Feature version::`Feature security status::` | ?# | ?Feature name# | ?Feature list# | ?Feature version# | ?Feature product manager# | ?Feature security lead# | ?Feature security status# | ?Feature security notes# | ?Modification date# | ?Feature security health# | mainlabel=- | sort=Feature version | format=template | template=SecurityRadarListTable | limit =100000 }}
Feature Feature List Target Rel Prod Mgr Security lead Security status Security notes Last Modified

Other Stuff to be Scheduled

Feature Status Owner Release Tracking
libcubeb sound library replacing libsydneyaudio on mozilla-central Unscheduled roc/cpearce/doublec
No more XPConnect between JS and C++ code in DOM workers. Unscheduled
Make all implemented HTML5 inputs accessible. Bonus: implement canvas inner DOM exposure. Unscheduled
Azure: graphics system rewrite Contact email sent jdrew
Accessability Contact initiated dbolter
(e10s) Meetings on going smooney
JetPack Review / meetings ongoing myk/dmason
Sign-in/Sign-out]] Contact initiated thunder(Dan Mills)
OPUS http://tools.ietf.org/html/draft-ietf-codec-opus-05 ETA Need to find owner

Completed Work

Legend

  Healthy: things are on track
  At Risk: completion of tasks on time is at risk.
  Blocked: security concern is blocking
  Assignd: being worked by someone else.
ETA Estimated date for completion of the current feature task. Overall ETA for the feature is the product release date.

Old Radar Pages

Retrieved from "https://wiki.mozilla.org/index.php?title=Security/Archived/Radar&oldid=331945"