May 18th Support Team Meeting Summary

Announcements

WordPress 4.7.5

We have nothing new to add to the known issues for 4.7 this week.

WordPress 4.8 Beta 1

WordPress 4.8 Beta 1 is here! Please make sure that you’re testing via something like the Beta Tester plugin or Varying Vagrant Vagrants.

If you have any other fun/easy beta testing methods to share, please do so in the comments below!

Handling Security Vulnerability Questions

When you encounter questions about security vulnerabilities, please keep in mind that we are representatives of WordPress. We should not be spreading any information about security vulnerabilities which have not been published at WordPress.org. We all agree that there are many great third-party resources out there, but our approach must be complimentary to WordPress’s desire for private disclosure.

For example, if someone asks “Is this security vulnerability fixed in 4.7.5?” we should remove the details of the vulnerability from their post (or ask a Moderator to do so) and then consult 4.7.5’s release post. If it has indeed been fixed, let them know and refer them to the release post. If it has not been fixed, refer them to the release post and ask them to report it via HackerOne (there’s no harm in duplicate reports).

(If you want to use your favorite third-party resource to help you find out if security vulnerabilities have been addressed, please of course do so, just don’t link to it. Overall, we should only link to security vulnerability information published at WordPress.org.)

Checkin with International Support Liaisons

Attendance

@macmanx @bcworkz @vitormadeira @erricgunawan @bdbrown @t-p @anevins @cristianozanca @numeeja @sterndata @geoffreyshilling @stephencottontail @glorialchemica @tobifjellner @francescodicandia @keesiemeijer @fierevere @lasacco @pr0v4 @kidsguide @travel_girl @zoonini @pmfonseca @geost @sergeybiryukov @hardeepasrani @zodiac1978 attended

Read the meeting transcript in the Slack archives. (A Slack account is required)

#weekly-chat