Adding editorial plugin to Mozilla Hacks

RESOLVED FIXED

Status

mozilla.org
Security Assurance: Review Request
--
minor
RESOLVED FIXED
6 years ago
5 years ago

People

(Reporter: Robert Nyman, Assigned: freddyb)

Tracking

Details

(Whiteboard: [pending secreview][start yyyy-mm-dd][target yyyy-mm-dd][score:0:Low])

(Reporter)

Description

6 years ago
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:12.0a2) Gecko/20120313 Firefox/12.0a2
Build ID: 20120313042010

Steps to reproduce:

In bug https://bugzilla.mozilla.org/show_bug.cgi?id=732055 we wanted to add an editorial plugin to Mozilla Hacks. This bug is to get some security testing/evaluation before we enable it.
Assignee: nobody → amuntner
Component: Security Assurance → Security Assurance: Review Needed
To confirm - you want this plugin reviewed:

https://bugzilla.mozilla.org/show_bug.cgi?id=738112

What is the timeline associated with this?
(Reporter)

Comment 2

5 years ago
This one, yes: http://wordpress.org/extend/plugins/editorial-calendar/
Thanks!
Risk/Priority Ranking Exercise https://wiki.mozilla.org/Security/RiskRatings

Priority: N/A

Operational: 1 - Minor
User: 1 - Minor
Privacy: 0 - N/A
Engineering: 0 - N/A
Reputational: 1 - Minor

Priority Score: 0
Severity: normal → minor
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Whiteboard: [pending secreview][start yyyy-mm-dd][target yyyy-mm-dd][score:0::Low]
Whiteboard: [pending secreview][start yyyy-mm-dd][target yyyy-mm-dd][score:0::Low] → [pending secreview][start yyyy-mm-dd][target yyyy-mm-dd][score:0:Low]
Robert, can this wait till the beginning of Q1?
Flags: needinfo?(robert)
(Reporter)

Comment 5

5 years ago
Well, it has waited since March, so it's not really in a rush. :-)
Flags: needinfo?(robert)
Thanks Robert, i'll queue it up asap.
Assignee: amuntner → fbraun
Depends on: 840939
Depends on: 840940
Depends on: 840941
Status: ASSIGNED → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → FIXED
I have reached out to the plugin authors and suggested to look into this bug. I have also asked if they would like to work with me on patching the issues that I have found.
(Reporter)

Comment 8

5 years ago
Thanks!
Robert indicated that there's no hurry to get this plugin deployed.
But we can now hop on, whenever Zack finds the time to release a new version.

Thank you Zack for dealing with this so quickly!

Comment 10

5 years ago
We keep the Editorial Calendar in a constantly releasable state.  I can push out release 2.7 with fixes for all three of these issues as early as tomorrow.  Would you like me to do that or do you want to do more testing?
I'm done with the testing.

Comment 12

5 years ago
I've just released version 2.7 of the calendar and it contains all of these fixes.  Thanks again for all the testing.

http://wordpress.org/extend/plugins/editorial-calendar/changelog
You need to log in before you can comment on or make changes to this bug.