Security/Meetings/SecurityAssurance/2013-02-19

From MozillaWiki
Jump to: navigation, search


« previous week | index | next week »
  • Time: (Weekly) Tuesday at 13:30 PM PDT / 16:30 PM EDT / 21:30 PM UTC.
  • Place: Mozilla HQ, 3A-All Your Base (3rd Floor)
  • Phone (US/Intl): 650 903 0800 x92 Conf: 95316#
  • Phone (Toronto): 416 848 3114 x92 Conf: 95316#
  • Phone (US): 800 707 2533 (pin 369) Conf: 95316#

Agenda

Upcoming Speaking Engagements

(List it at these two locations too: https://developer.mozilla.org/en-US/events & https://wiki.mozilla.org/Security/Talks )

  • Raymond Forbes : Feb 27 - March 2 : Nullcon : Bug Bounty Programs
  • David Chan: Feb 22 : taking to a small group of engineers about security testing at Animoto
  • Curts Koenig: Feb 22: OWASP Louisville, Rebooting OWASP Louisville

Planned Blog Posts

Security Review Status (curtisk)

  • Completed in Q4 2012: 50

https://security-review-statistics.vcap.mozillalabs.com/weekly

Operations Security Update (Joe Stevensen)

Project Updates

Please add your name to the update so we know who to follow up with

Firefox Desktop

Firefox 19 released - http://www.mozilla.org/en-US/firefox/19.0/releasenotes/

Firefox Mobile

Firefox OS

- Review progressing on target (11 gaia & ~15 platform bugs remaining) - MWC 25th - working to get security docs cleaned up before then - Detailed notes: https://etherpad.mozilla.org/firefoxossecteammtg

Firefox Core

MarketPlace

Web Apps

freddy contributed a list of jQuery-specific DOM XSS sinks to the DOM XSS wiki. Interesting for mozilla webapps, in face of django/playdoh using jinja2 for templating. See http://code.google.com/p/domxsswiki/wiki/jQuery

Services

Operation Security