New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 611958 link

Starred by 1 user

Issue metadata

Status: Assigned
Owner:
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: All
Pri: 2
Type: Bug
mus

Blocking:
issue 611905


Show other hotlists

Hotlists containing this issue:
poc.css


Sign in to add a comment

//components/mus/public/interfaces/*.mojom needs a security review

Project Member Reported by dcheng@chromium.org, May 14 2016

Issue description

These interfaces don't appear to have gone through security review. Marking ReleaseBlock-Stable to be on the safe side for now.

 

Comment 1 by dcheng@chromium.org, May 14 2016

Blocking: 611905
Labels: Security_Severity-High Security_Impact-None
Labels: OS-All
[Bulk edit]

Release blockers need OS set.  Looks like all of these are applicable for OS-All, correct if required.
Cc: tsepez@chromium.org rjkroege@chromium.org
Labels: mus mash tadpole
This issue is set as M52 Release block Stable. Is there anything which needs to to be taken care in M52? Please resolve ASAP.
Labels: -Pri-1 -M-52 Pri-2
Code is not turned on in production. It is a release blocker for mus but mus is not released.
Labels: -Security_Impact-None Security_Impact-Stable
Bulk edit: swapping issues for mojo reviews back to Security_Impact-Stable. We're adding a sheriffbot rule to automatically remove release block labels from Security_Impact-None bugs, but in this case I think they make sense. These issues for audits/reviews tend to be a bit awkward to triage.
Project Member

Comment 8 by sheriffbot@chromium.org, Jun 22 2016

Labels: M-51
Project Member

Comment 9 by ClusterFuzz, Jun 24 2016

Labels: Missing_Owner-13
Project Member

Comment 10 by ClusterFuzz, Jun 25 2016

Labels: -Missing_Owner-13 Missing_Owner-14
Components: Internals>Mojo
Labels: -Security_Impact-Stable -Missing_Owner-14 Security_Impact-None
Dialling down the security impact based on #6
Project Member

Comment 12 by sheriffbot@chromium.org, Jun 26 2016

Labels: -ReleaseBlock-Stable
Owner: dcheng@chromium.org
Status: ASs (was: Available)
Status: Assigned (was: ass)
Components: Security>Audit
Labels: Type-Bug
Removing from the security sheriff queue.

Sign in to add a comment