Closed
Bug 1517607
Opened 8 months ago
Closed 7 months ago
Security Review for Firebase SDK
Categories
(Firefox for Android :: General, enhancement)
Not set
Tracking
()
RESOLVED
WONTFIX
Firefox 66
| Tracking | Status | |
|---|---|---|
| firefox65 | --- | unaffected |
| firefox66 | --- | affected |
People
(Reporter: sdaswani, Assigned: sdaswani)
References
Details
We have to integrate the open source Firebase into SDK to support FCM push notifications: https://bugzilla.mozilla.org/show_bug.cgi?id=1510730 Does the security team want / need to review the SDK?
|
||
Comment 1•8 months ago
|
||
Security reviews don't need to be confidential. If issues are found then the individual bugs can be flagged as such.
Group: firefox-core-security
|
||
Comment 2•7 months ago
|
||
Susheel, can you cc me into bug 1510730? Thanks.
Flags: needinfo?(sdaswani)
|
|
||
Comment 4•7 months ago
|
||
Dan, Wennie mentioned I could n-i to you for security review, at least until there is some more formal process.
Flags: needinfo?(dveditz)
|
|
||
Comment 5•7 months ago
|
||
It looks like more info may be in bug 1286912.
|
||
Comment 6•7 months ago
|
||
(In reply to Liz Henry (:lizzard) (use needinfo) from comment #4)
Dan, Wennie mentioned I could n-i to you for security review, at least until there is some more formal process.
There is a process: much like the original pi-request mail-based process but to a different address (which I'm leaving out of this bug to minimize getting on spam lists). I've sent mail to get this request into the queue.
Flags: needinfo?(dveditz)
Please hold off on this until I have more clarity on whether we indeed Firebase.
|
|
||
Updated•7 months ago
|
status-firefox65:
--- → unaffected
Status: NEW → RESOLVED
Closed: 7 months ago
Resolution: --- → WONTFIX
You need to log in
before you can comment on or make changes to this bug.
Description
•