Request for Security Review of Plugins

RESOLVED FIXED

Status

mozilla.org
Security Assurance: Applications
RESOLVED FIXED
8 years ago
7 years ago

People

(Reporter: mcoates, Assigned: mcoates)

Tracking

Details

(URL)

Request to review plugins.mozilla.org from bug 553666 comment 17. This is the second review of plugins.

Source Code: https://wiki.mozilla.org/Plugins:PluginDirectory#Source_Code
Site: http://plugins.mozilla.org
Stage: http://www-trunk.stage.mozilla.com/en-US/plugincheck/
Roles in scope: Anonymous, Authenticated Basic
It is anticipated that this review can begin on Thursday, July 15.
Hi, what's the currently timeline for this? Thanks!
We are working on several different reviews at once at the moment.  I realize I've slipped on the original completion estimation date.  Is the sec review blocking this from going live?
(In reply to comment #3)
> We are working on several different reviews at once at the moment.  I realize
> I've slipped on the original completion estimation date.  Is the sec review
> blocking this from going live?

It's not blocking our current release. Would like it completed in the next week or two in order to plan for our upcoming work. Thanks!
Ok. I can make that happen.
(In reply to comment #5)
> Ok. I can make that happen.

Assigning to you based on that comment :)
Assignee: server-ops → mcoates
Depends on: 580415
Depends on: 580421
Depends on: 580443
Depends on: 580446
Depends on: 583034
Depends on: 583095
The security review of plugins is complete. All identified security bugs are listed as blockers of this bug.
Assignee: mcoates → rdoherty
(In reply to comment #7)
> The security review of plugins is complete. All identified security bugs are
> listed as blockers of this bug.

Thanks!

Updated

7 years ago
Assignee: rdoherty → infrasec
Component: Server Operations: Security → Infrastructure Security: Web Security

Updated

7 years ago
Assignee: infrasec → mcoates
All dependent bugs fixed. Closing tracker.
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.