Page MenuHomeDevCentral
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Sep 21 2018

dereckson closed T1444: CSRF timing attach in Sinatra rack-protection (CVE-2018-1000119) as Resolved by committing rTOMMY9ca3ab76bdbc: Update rack-protection.
Sep 21 2018, 09:56 · Tommy, security
dereckson updated the task description for T1446: Upgrade Ruby from 2.2 to 2.5.
Sep 21 2018, 09:02 · Docker images, Tommy, security
dereckson added a project to T1446: Upgrade Ruby from 2.2 to 2.5: Docker images.
Sep 21 2018, 09:02 · Docker images, Tommy, security
dereckson created T1446: Upgrade Ruby from 2.2 to 2.5.
Sep 21 2018, 09:01 · Docker images, Tommy, security

Sep 20 2018

dereckson added a revision to T1444: CSRF timing attach in Sinatra rack-protection (CVE-2018-1000119): D1778: Update rack-protection.
Sep 20 2018, 21:44 · Tommy, security
dereckson triaged T1444: CSRF timing attach in Sinatra rack-protection (CVE-2018-1000119) as Low priority.
Sep 20 2018, 21:40 · Tommy, security

Sep 12 2018

dereckson updated the task description for T1425: Provision secrets through Salt.
Sep 12 2018, 10:26 · security, Nasqueron Operations Squad, Vault, Salt
dereckson updated the task description for T930: Secrets to migrate from DevCentral to Vault.
Sep 12 2018, 10:25 · User-Dereckson, Vault, Nasqueron Operations Squad, security
dereckson added a revision to T1425: Provision secrets through Salt: D1738: Map the Phabricator credentials ID.
Sep 12 2018, 09:56 · security, Nasqueron Operations Squad, Vault, Salt
dereckson created T1425: Provision secrets through Salt.
Sep 12 2018, 09:54 · security, Nasqueron Operations Squad, Vault, Salt

Sep 8 2018

dereckson closed T1411: Deploy Zemke-Rhyne on PaaS Docker as Resolved.
Sep 8 2018, 09:28 · Salt, security, Servers, Operations sprints (Operations sprint 1)
dereckson added a revision to T1411: Deploy Zemke-Rhyne on PaaS Docker: D1680: Provide a zr wrapper around the SSH command invocation.
Sep 8 2018, 09:27 · Salt, security, Servers, Operations sprints (Operations sprint 1)
dereckson added a revision to T1411: Deploy Zemke-Rhyne on PaaS Docker: D1679: Provision Zemke Rhyne key on Docker servers.
Sep 8 2018, 08:57 · Salt, security, Servers, Operations sprints (Operations sprint 1)
dereckson updated the task description for T1411: Deploy Zemke-Rhyne on PaaS Docker.
Sep 8 2018, 08:49 · Salt, security, Servers, Operations sprints (Operations sprint 1)
dereckson added projects to T1411: Deploy Zemke-Rhyne on PaaS Docker: Operations sprints (Operations sprint 1), Servers, security.
Sep 8 2018, 08:44 · Salt, security, Servers, Operations sprints (Operations sprint 1)

Feb 28 2018

dereckson moved T1342: Let's encrypt on Debian use logrotate from Backlog to Servers config on the Salt board.
Feb 28 2018, 21:38 · security, Servers, Eglide, Salt

Feb 20 2018

dereckson triaged T1342: Let's encrypt on Debian use logrotate as Low priority.
Feb 20 2018, 14:08 · security, Servers, Eglide, Salt

Feb 18 2018

dereckson updated the task description for T1342: Let's encrypt on Debian use logrotate.
Feb 18 2018, 00:59 · security, Servers, Eglide, Salt
dereckson moved T1342: Let's encrypt on Debian use logrotate from Backlog to Server config on the Eglide board.
Feb 18 2018, 00:57 · security, Servers, Eglide, Salt
dereckson created T1342: Let's encrypt on Debian use logrotate.
Feb 18 2018, 00:57 · security, Servers, Eglide, Salt

Nov 12 2017

dereckson closed T1316: Audit SSH keys as Resolved.
Nov 12 2017, 23:20 · security, Servers, Eglide
dereckson added a comment to T1316: Audit SSH keys.

D1187 has been applied to Eglide.

Nov 12 2017, 23:20 · security, Servers, Eglide
dereckson updated the task description for T1316: Audit SSH keys.
Nov 12 2017, 13:21 · security, Servers, Eglide
dereckson added a comment to T1316: Audit SSH keys.
In T1316#16785, @dereckson wrote:

So we're waiting on khmerboy confirmation and we can proceed.

Nov 12 2017, 13:09 · security, Servers, Eglide
dereckson updated the task description for T1316: Audit SSH keys.
Nov 12 2017, 13:04 · security, Servers, Eglide

Nov 11 2017

dereckson added a comment to T1316: Audit SSH keys.

So we're waiting on khmerboy confirmation and we can proceed.

Nov 11 2017, 23:58 · security, Servers, Eglide
dereckson updated the task description for T1316: Audit SSH keys.
Nov 11 2017, 23:58 · security, Servers, Eglide
dereckson updated the task description for T1316: Audit SSH keys.
Nov 11 2017, 23:57 · security, Servers, Eglide

Nov 10 2017

dereckson updated the task description for T1316: Audit SSH keys.
Nov 10 2017, 20:16 · security, Servers, Eglide
dereckson created T1316: Audit SSH keys.
Nov 10 2017, 13:44 · security, Servers, Eglide

Nov 6 2017

dereckson added a parent task for T1311: Set sysctl for FreeBSD servers: T1268: Reprovision Ysul.
Nov 6 2017, 21:40 · Operations sprints (The Dreadnought will produce new officers), security, Salt
dereckson closed T1311: Set sysctl for FreeBSD servers as Resolved by committing rOPSe98b274c14b3: Kernel state configuration.
Nov 6 2017, 21:39 · Operations sprints (The Dreadnought will produce new officers), security, Salt
dereckson added a revision to T1311: Set sysctl for FreeBSD servers: D1183: Kernel state configuration.
Nov 6 2017, 21:35 · Operations sprints (The Dreadnought will produce new officers), security, Salt
dereckson added a project to T1311: Set sysctl for FreeBSD servers: Operations sprints (The Dreadnought will produce new officers).
Nov 6 2017, 20:05 · Operations sprints (The Dreadnought will produce new officers), security, Salt
dereckson added a project to T1311: Set sysctl for FreeBSD servers: security.
Nov 6 2017, 20:05 · Operations sprints (The Dreadnought will produce new officers), security, Salt

Nov 4 2017

dereckson merged task T1285: Update tomjerr SSH key into Restricted Maniphest Task.
Nov 4 2017, 23:32 · security, Servers

Nov 1 2017

dereckson closed T1295: Upgrade Docker images to PHP 7.1.11 as Resolved.
Nov 1 2017, 18:44 · security, Docker images
dereckson updated the post content for Blog Post: SSH keys for Ysul.
Nov 1 2017, 18:08 · security, Servers

Oct 31 2017

dereckson added a revision to T1295: Upgrade Docker images to PHP 7.1.11: D1141: Upgrade to PHP 7.1.11.
Oct 31 2017, 20:52 · security, Docker images
dereckson moved T1295: Upgrade Docker images to PHP 7.1.11 from Backlog to Pending review on the Docker images board.
Oct 31 2017, 20:50 · security, Docker images
dereckson triaged T1295: Upgrade Docker images to PHP 7.1.11 as High priority.
Oct 31 2017, 20:50 · security, Docker images

Oct 29 2017

dereckson updated the task description for T1292: userlist.db is saved in 644.
Oct 29 2017, 17:03 · C, good-first-issue, security, Odderon
dereckson moved T1292: userlist.db is saved in 644 from Backlog to Dev on the good-first-issue board.
Oct 29 2017, 17:02 · C, good-first-issue, security, Odderon
dereckson added a project to T1292: userlist.db is saved in 644: good-first-issue.
Oct 29 2017, 17:02 · C, good-first-issue, security, Odderon
dereckson updated subscribers of T1292: userlist.db is saved in 644.
Oct 29 2017, 17:02 · C, good-first-issue, security, Odderon
dereckson updated the task description for T1292: userlist.db is saved in 644.
Oct 29 2017, 17:02 · C, good-first-issue, security, Odderon
dereckson created T1292: userlist.db is saved in 644.
Oct 29 2017, 17:00 · C, good-first-issue, security, Odderon
dereckson closed T1267: Set userlist.db chmod to avoid it's world readable as Resolved by committing rOPS715b85e5d950: Ensure userlist isn't world-readable.
Oct 29 2017, 15:48 · security, Odderon
dereckson closed T1286: Eglide Salt minion doesn't respond, a subtask of T1285: Update tomjerr SSH key, as Resolved.
Oct 29 2017, 15:41 · security, Servers

Oct 28 2017

dereckson added a comment to T1285: Update tomjerr SSH key.

So last step is to propagate the change to Eglide restarting the minion.

Oct 28 2017, 20:50 · security, Servers
dereckson lowered the priority of T1285: Update tomjerr SSH key from High to Normal.
Oct 28 2017, 20:49 · security, Servers
dereckson added a comment to T1285: Update tomjerr SSH key.

I prepared such a change Wednesday, and committed now, as @tomjerr confirmed the key is working fine (per your manual add).

Oct 28 2017, 20:49 · security, Servers
dereckson added a subtask for T1285: Update tomjerr SSH key: T1286: Eglide Salt minion doesn't respond.
Oct 28 2017, 09:33 · security, Servers
dereckson added a revision to T1285: Update tomjerr SSH key: D1119: Update SSH key for tomjerr.
Oct 28 2017, 09:28 · security, Servers

Oct 27 2017

Sandlayth created T1285: Update tomjerr SSH key.
Oct 27 2017, 18:09 · security, Servers

Oct 24 2017

dereckson archived P175 pkg audit on Ysul.
Oct 24 2017, 02:13 · Servers, security
dereckson archived P106 pkg audit.
Oct 24 2017, 02:13 · security, Servers
dereckson archived P43 pkg audit on Ysul.
Oct 24 2017, 02:13 · Servers, security, Nasqueron security operations squad
dereckson archived P36 P35 Packages security issues on Ysul.
Oct 24 2017, 02:13 · security, Servers

Oct 21 2017

dereckson added a revision to T453: Installed AEScrypt on Ysul and Dwellers: D1070: Provision software to Ysul.
Oct 21 2017, 00:44 · security, Servers

Oct 19 2017

dereckson added a revision to T1267: Set userlist.db chmod to avoid it's world readable: D1069: Ensure userlist isn't world-readable.
Oct 19 2017, 22:54 · security, Odderon
dereckson renamed T1267: Set userlist.db chmod to avoid it's world readable from Set userlist2.db chmod to avoid it's world readable to Set userlist.db chmod to avoid it's world readable.
Oct 19 2017, 22:54 · security, Odderon
dereckson created T1267: Set userlist.db chmod to avoid it's world readable.
Oct 19 2017, 22:11 · security, Odderon

Oct 15 2017

dereckson moved T853: Deploy a Let's encrypt certificate to the Mumble server from Backlog to Ops on the good-first-issue board.
Oct 15 2017, 12:02 · good-first-issue, Mumble, security, Servers

Sep 9 2017

Sandlayth placed T853: Deploy a Let's encrypt certificate to the Mumble server up for grabs.
Sep 9 2017, 16:23 · good-first-issue, Mumble, security, Servers

Sep 2 2017

dereckson moved T1228: Configure TLS for webserver-core role from Backlog to Analysis / under discussion on the Servers board.
Sep 2 2017, 11:52 · security, Servers
dereckson added a comment to T1228: Configure TLS for webserver-core role.

The more immediate and interesting question: should we drop TLS 1.0?

Sep 2 2017, 11:43 · security, Servers
dereckson added a comment to T1228: Configure TLS for webserver-core role.

The TLS imirhil report evaluates what they consider as the best practices.

Sep 2 2017, 11:40 · security, Servers
dereckson updated the task description for T1228: Configure TLS for webserver-core role.
Sep 2 2017, 11:37 · security, Servers
dereckson updated the task description for T1228: Configure TLS for webserver-core role.
Sep 2 2017, 11:28 · security, Servers
amj created T1228: Configure TLS for webserver-core role.
Sep 2 2017, 10:24 · security, Servers

May 24 2017

dereckson created T1211: Implement ACL to the exchanges/queues we can subscribe to in delivery API.
May 24 2017, 23:44 · Notifications center, security

Apr 27 2017

dereckson updated the task description for T930: Secrets to migrate from DevCentral to Vault.
Apr 27 2017, 17:47 · User-Dereckson, Vault, Nasqueron Operations Squad, security

Feb 6 2017

dereckson created P251 Configure automatic updates for Wordpress.
Feb 6 2017, 12:08 · security

Jan 31 2017

dereckson moved T1147: Secure gates with API keys or another authentication mechanism from Debt to New services on the Notifications center board.
Jan 31 2017, 23:03 · security, Notifications center
dereckson moved T1147: Secure gates with API keys or another authentication mechanism from Backlog to Debt on the Notifications center board.
Jan 31 2017, 23:03 · security, Notifications center
dereckson created T1147: Secure gates with API keys or another authentication mechanism.
Jan 31 2017, 23:02 · security, Notifications center
dereckson created T1145: Don't truncate passwords.
Jan 31 2017, 01:55 · C, security, Odderon

Jan 23 2017

dereckson closed T948: [Roadmap] Run periodically tests/prod-environment-behaves-correctly and report results as Resolved.
Jan 23 2017, 12:58 · security, Jenkins, User-Dereckson, Servers
dereckson closed T956: Install Notifications plugin on Jenkins, a subtask of T948: [Roadmap] Run periodically tests/prod-environment-behaves-correctly and report results, as Resolved.
Jan 23 2017, 12:56 · security, Jenkins, User-Dereckson, Servers
dereckson added a revision to T948: [Roadmap] Run periodically tests/prod-environment-behaves-correctly and report results: D631: Configuration for Jenkins.
Jan 23 2017, 12:56 · security, Jenkins, User-Dereckson, Servers
dereckson claimed T948: [Roadmap] Run periodically tests/prod-environment-behaves-correctly and report results.
  1. refactoring done.
  2. filtering partially done: only failure are reported, Jenkins notifies, we consume.
  3. to automate without human assertion system status isn't currently considered as valuable
Jan 23 2017, 12:52 · security, Jenkins, User-Dereckson, Servers

Jan 21 2017

dereckson closed T1120: Switch agora.nasqueron.org to HTTPS only as Resolved.

Redirect to SSL web server configuration

Jan 21 2017, 13:30 · security, Agora
dereckson updated the task description for T1120: Switch agora.nasqueron.org to HTTPS only.
Jan 21 2017, 13:23 · security, Agora

Jan 15 2017

dereckson updated the task description for T1109: Switch all OAuth GitHub applications to Nasqueron organization accounts.
Jan 15 2017, 08:22 · User-Dereckson, security, Nasqueron Operations Squad
dereckson added a comment to T1109: Switch all OAuth GitHub applications to Nasqueron organization accounts.

nasqueron-devcentral transferred

Jan 15 2017, 08:22 · User-Dereckson, security, Nasqueron Operations Squad
dereckson updated the task description for T1109: Switch all OAuth GitHub applications to Nasqueron organization accounts.
Jan 15 2017, 08:03 · User-Dereckson, security, Nasqueron Operations Squad
dereckson added projects to T1109: Switch all OAuth GitHub applications to Nasqueron organization accounts: Nasqueron Operations Squad, security.
Jan 15 2017, 07:59 · User-Dereckson, security, Nasqueron Operations Squad

Jan 14 2017

dereckson closed T1103: SMTP mail.nasqueron.org requires STARTTLS while RFC 2487 and RFC 3207 forbid this behavior as Resolved.

/etc/postfix/main.cf setting has been switched back to smtpd_tls_security_level = may, mail server restarted.

Jan 14 2017, 07:57 · security, Mail
dereckson added a project to T1103: SMTP mail.nasqueron.org requires STARTTLS while RFC 2487 and RFC 3207 forbid this behavior: security.
Jan 14 2017, 07:53 · security, Mail

Jan 12 2017

dereckson moved T619: Allow to control from TC2 the Docker engine from Wikidata to TC2 on the Dæghrefn board.
Jan 12 2017, 04:51 · Operations sprints (Operations sprint 1), security, Nasqueron Docker deployment squad, Servers, Dæghrefn
dereckson moved T619: Allow to control from TC2 the Docker engine from Backlog to Wikidata on the Dæghrefn board.
Jan 12 2017, 04:43 · Operations sprints (Operations sprint 1), security, Nasqueron Docker deployment squad, Servers, Dæghrefn

Dec 24 2016

dereckson closed T822: SSL certificates: migrate from Startcom to Let's encrypt as Resolved.

Done this night for both.

Dec 24 2016, 03:53 · Servers, security
dereckson closed T654: Apply Let's encrypt SSL certificates for *.nasqueron.org as Resolved.
Dec 24 2016, 03:51 · security, Servers
dereckson closed T654: Apply Let's encrypt SSL certificates for *.nasqueron.org, a subtask of T822: SSL certificates: migrate from Startcom to Let's encrypt, as Resolved.
Dec 24 2016, 03:51 · Servers, security

Dec 20 2016

dereckson added a comment to T822: SSL certificates: migrate from Startcom to Let's encrypt.

I've checked the current state of the migration. We only have two certificates remaining and we're done:

Dec 20 2016, 17:32 · Servers, security

Nov 24 2016

Sandlayth claimed T853: Deploy a Let's encrypt certificate to the Mumble server.
Nov 24 2016, 18:00 · good-first-issue, Mumble, security, Servers

Nov 6 2016

dereckson added a revision to T853: Deploy a Let's encrypt certificate to the Mumble server: D691: Allow to update Mumble server certificates.
Nov 6 2016, 19:09 · good-first-issue, Mumble, security, Servers
dereckson placed T853: Deploy a Let's encrypt certificate to the Mumble server up for grabs.

Current status

Nov 6 2016, 19:07 · good-first-issue, Mumble, security, Servers
dereckson updated the task description for T853: Deploy a Let's encrypt certificate to the Mumble server.
Nov 6 2016, 19:04 · good-first-issue, Mumble, security, Servers
First
Prev
Next
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator