Hi, can you please setup…

Hi, can you please setup proxy access for @coachbirgit? As a polyglots mentor she’ll be helping out with managing rosetta sites and will need access to the global.WordPress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ network.

Her public key is:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDLEeqcc5blku3s2AS5hvwF7yYVb6pAzbpx3Dg8a2a3RbxNXIIb21099UB6vCwtFqu0en8cU3S944KsDJ69H39B3y11qndjKy2TnH+a8N7TgBfFBQ5yOClAAUHKg/PwIiZyF1AXpmUBHr9OSPHrSsSrOcpfxDnbR9bcxPambP2G8T1eLgxuL+EMwvHZyg1ELDbr8+Ns/OtaHdx1ps0gVT40F5FyeBZLxNtCGDqpTg+KP0feAgHLu2S/EL/tNhhXLqfIiF07WBc5QpqyVhovcuKH7D2IzPmNeyPoTisMIq27kRh2MRbhhm6UAqL89rws3HqpunEPayKXv8NtbzjBAQvyeSkiF7Lyxwhn2fhKn5LyEI7qsRjdfTGRQVayLklyyPYPDpt3ljdxjf/AqIRAZz8g+80ZDIWtrORCIU8VybzUNpL9jgq37xVTcKRQS3NtVskPJRQa83Pv0FyF+pVQIrsIfOWpWcUNqBtMoj3pBv0vtqGl/M8JTLBzBgK68/DDg3Igq1Zj9NCYRyrkkPTcluuWwkNfn1XPzOrI1N68upksbUkby1ivmd5L8XChWdyhM97GTejvJFCTvzHlMLGDFZ40XYPPdW2GjO5igWjRu+6hgNVVqtk8ZrvlRjxvYygULk7U7olwAwCFSE25OejojdSBaYdcIbkXpS17cj6mwXWZQw== coachbirgit@gmail.com

Thanks!

#prio2

Update Apache on lists.wordpress.org

A report came in via HackerOne informing us that lists.wordpress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ is running a version of the ApacheApache Apache is the most widely used web server software. Developed and maintained by Apache Software Foundation. Apache is an Open Source software available for free. web server which contains several known vulnerabilities. It should be updated to the latest in either the 2.2.x or 2.4.x branch.

#prio3

CAA for wordpress.org

A report came in via HackerOne recommending that Certificate Authority Authorization be implemented for wordpress.orgWordPress.org The community site where WordPress code is created and shared by the users. This is where you can download the source code for WordPress core, plugins and themes as well as the central location for community conversations and organization. https://wordpress.org/ (and other W domains).

CAA allows a domain owner to restrict which CAs are allowed to issue certificates for the domain. It’s been useless until quite recently: the CAB Forum recently voted to enforce CAA checks for all new certificates starting next month, so it’s definitely a useful measure to implement.

More info: https://scotthelme.co.uk/certificate-authority-authorization/

#prio3