canmove, Confirmed users, Bureaucrats and Sysops emeriti
2,776
edits
Security/Meetings/SecurityAssurance/2012-10-02: Difference between revisions
Jump to navigation
Jump to search
Security/Meetings/SecurityAssurance/2012-10-02 (view source)
Revision as of 19:32, 3 October 2012
, 3 October 2012no edit summary
(Created page with "{{SecAssuranceMeetingInfo}} {{TOC right}} =Agenda=") |
No edit summary |
||
| Line 2: | Line 2: | ||
{{TOC right}} | {{TOC right}} | ||
=Agenda= | =Agenda= | ||
* Last quarter's goals - Please keep status up to date - https://mana.mozilla.org/wiki/display/SECURITY/2012+-+Q3+Goals | |||
* Next quarter's goals - We've been discussing in subteams with managers, right? | |||
* Review Security Radar Page - https://wiki.mozilla.org/Security/Radar | |||
* B2G Testing https://b2gtestdrivers.allizom.org/ - In SF or MV? Sign up | |||
* Be aware that you might get pulled off of what you're doing to do something B2G-related or Marketplace-related | |||
=Security Review Status (koenig)= | |||
* Completed in Q3 2012: | |||
* Number of Reviews Completed (so far this quarter):57 (55) <-- Final Q3 Numbers? | |||
**https://bugzilla.mozilla.org/buglist.cgi?list_id=4553405;chfieldto=2012-09-30;component=Security%20Assurance%3A%20Review%20Request;product=mozilla.org;chfield=resolution;chfieldfrom=2012-06-30;type0-0-0=anywords;resolution=FIXED;query_format=advanced | |||
* All Outstanding Reviews: 139(143) | |||
** https://bugzil.la/comp%3A%22security%20assurance%3A%20review%20request%22 | |||
* Number of reviews without risk rating: 23 | |||
**Yours: https://bugzil.la/component%3A%22Security%20Assurance%3A%20Review%20Request%22%20-sw%3A%22%5Bneeds%20info%5D%22%20-sw%3A%22%5Bscore%3A%22%20owner:%25user%25 | |||
** Overall: | |||
https://bugzil.la/component%3A%22Security%20Assurance%3A%20Review%20Request%22%20-sw%3A%22%5Bneeds%20info%5D%22%20-sw%3A%22%5Bscore%3A%22 | |||
* Number of reviews without deadline set: 97 | |||
** Yours | |||
https://bugzilla.mozilla.org/buglist.cgi?field0-0-0=cf_due_date;query_format=advanced;resolution=---;type0-0-0=isempty;component=Security%20Assurance%3A%20Review%20Request;product=mozilla.org;field1-0-0=assigned_to;type1-0-0=equals;value1-0-0=%25user%25 | |||
** Overall | |||
https://bugzilla.mozilla.org/buglist.cgi?field0-0-0=cf_due_date;query_format=advanced;resolution=---;type0-0-0=isempty;component=Security%20Assurance%3A%20Review%20Request;product=mozilla.org | |||
=Operations Security Update (Joe Stevensen)= | |||
Release Engineering security review update | |||
=Project Updates = | |||
Please don't leave blank. Add "No Update" if nothing has changed | |||
==Silent updates (rforbes / dveditz)== | |||
== B2G (Paul Theriault, David Chan) == | |||
* things keep breaking for testing | |||
* got a spare (mozilla) Nexus S in MV/SF if anyone needs to test before getting the dog fooding device (hint: its faster than the dog fooding device :P) (contact :kang) | |||
==Thunderbird (Adam Muntner) == | |||
==Rust (Jesse Ruderman) == | |||
==Mobile (Mark Goodwin) == | |||
* Been working on Safe Browsing, reading private browsing code in prep. for upcoming review | |||
==Sync (Simon Bennetts & Adam Muntner) == | |||
==Services (Simon Bennetts & Adam Muntner) == | |||
==Social - Pancake (Mark Goodwin) == | |||
* No update | |||
==Jetpack, Add-on SDK, Add-on Builder (Dan Veditz) == | |||
==JS (Christian Holler) == | |||
* [decoder] Extended LangFuzz to two ESX VMs as per Q3 goal | |||
==DOM, XPConnect (Jesse Ruderman) == | |||
* DOM fuzzer: Now testing keystrokes | |||
* DOM fuzzer: Now testing under ASan continuously, on one machine | |||
==Layout, Style (Jesse Ruderman) == | |||
==Automation Tools (Gary Kwong) == | |||
* No update | |||
==Web Developer Tools (Mark Goodwin) == | |||
* Devtools work week last week | |||
** I mostly hacked on things - helped with some GCLI commands etc | |||
** Also learned loads about all sorts of things from the devs there | |||
** Most interesting new stuff - remote everything (chrome debugging, web console), JS profiler | |||
== Networking (Christoph Diehl) == | |||
* WebRTC | |||
** SDP fuzzer now supports RFC 4566 and 5245 | |||
== Graphics (Christoph Diehl) === | |||
* No update | |||
== Networking ( Media / Codecs) == | |||
== Market (Raymond Forbes) == | |||
==Firefox APIs (Raymond Forbes) == | |||
==Payment Flow (Raymond Forbes) == | |||
==Dynamic API Security Model (Raymond Forbes) == | |||
==WebRT (Raymond Forbes) == | |||
==BrowserID == | |||
== Identity Services (David Chan) == | |||
==Addons.M.O (Raymond Forbes) == | |||
==Bugzilla.M.O (Mark Goodwin & Eric Parker) == | |||
* No update | |||
==Mozillians (Raymond Forbes) == | |||
==MDN (Raymond Forbes) == | |||
==SUMO (Kitsune) () == | |||
== AddressSanitizer (Christian Holler) == | |||
* [decoder] We now have automated try pushes with tests running. Results are automatically scanned for ASan failures and mailed. | |||