Adding editorial plugin to Mozilla Hacks


Security Assurance: Review Request
6 years ago
5 years ago


(Reporter: Robert Nyman, Assigned: freddyb)



(Whiteboard: [pending secreview][start yyyy-mm-dd][target yyyy-mm-dd][score:0:Low])



6 years ago
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:12.0a2) Gecko/20120313 Firefox/12.0a2
Build ID: 20120313042010

Steps to reproduce:

In bug we wanted to add an editorial plugin to Mozilla Hacks. This bug is to get some security testing/evaluation before we enable it.
Assignee: nobody → amuntner
Component: Security Assurance → Security Assurance: Review Needed
To confirm - you want this plugin reviewed:

What is the timeline associated with this?

Comment 2

5 years ago
This one, yes:
Risk/Priority Ranking Exercise

Priority: N/A

Operational: 1 - Minor
User: 1 - Minor
Privacy: 0 - N/A
Engineering: 0 - N/A
Reputational: 1 - Minor

Priority Score: 0
Severity: normal → minor
Ever confirmed: true
Whiteboard: [pending secreview][start yyyy-mm-dd][target yyyy-mm-dd][score:0::Low]
Whiteboard: [pending secreview][start yyyy-mm-dd][target yyyy-mm-dd][score:0::Low] → [pending secreview][start yyyy-mm-dd][target yyyy-mm-dd][score:0:Low]
Robert, can this wait till the beginning of Q1?
Flags: needinfo?(robert)

Comment 5

5 years ago
Well, it has waited since March, so it's not really in a rush. :-)
Flags: needinfo?(robert)
Thanks Robert, i'll queue it up asap.
Assignee: amuntner → fbraun
Depends on: 840939
Depends on: 840940
Depends on: 840941
Last Resolved: 5 years ago
Resolution: --- → FIXED
I have reached out to the plugin authors and suggested to look into this bug. I have also asked if they would like to work with me on patching the issues that I have found.

Comment 8

5 years ago
Robert indicated that there's no hurry to get this plugin deployed.
But we can now hop on, whenever Zack finds the time to release a new version.

Thank you Zack for dealing with this so quickly!

Comment 10

5 years ago
We keep the Editorial Calendar in a constantly releasable state.  I can push out release 2.7 with fixes for all three of these issues as early as tomorrow.  Would you like me to do that or do you want to do more testing?
I'm done with the testing.

Comment 12

5 years ago
I've just released version 2.7 of the calendar and it contains all of these fixes.  Thanks again for all the testing.
You need to log in before you can comment on or make changes to this bug.