Bug 1172198

Blocklist YouTube Unblocker add-on

RESOLVED FIXED in 2015-08

Get help with this page

Status

()

Product:

▸

Toolkit

Component:

▸

Blocklisting

Status:

RESOLVED FIXED

Reported:

3 years ago

Modified:

2 years ago

People

(Reporter: kmag, Assigned: jorgev)

Tracking

Version:

unspecified

Target:

2015-08

Points:

---

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [qa-])

Kris Maglione [:kmag] (long backlog; ping on IRC if you're blocked)

(Reporter)

Description

•

3 years ago

Versions of this add-on from 0.5.0.1 through 0.6.10 contain code which update arbitrary files within the add-on after it has been installed. Moreover, the list of files to update and the sources from which to fetch the updates, is retrieved over HTTP URLs.

Since this is a serious security issue, and a violation of multiple AMO policies, affected versions should be blocklisted.

ID: youtubeunblocker@unblocker.yt

Jorge Villalobos [:jorgev]

(Assignee)

Comment 1

•

3 years ago

There's a new version that has now been approved. I'll block the bad versions in 2 weeks, to ensure most users will have updated to the safe version.

Assignee: nobody → jorge

Jorge Villalobos [:jorgev]

(Assignee)

Comment 2

•

3 years ago

Blocked: https://addons.mozilla.org/en-US/firefox/blocked/i990

Status: NEW → RESOLVED

Last Resolved: 3 years ago

Resolution: --- → FIXED

Whiteboard: [qa-]

Target Milestone: --- → 2015-08

Nobody; OK to take it and work on it

Updated

•

2 years ago

Product: addons.mozilla.org → Toolkit

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Blocklist YouTube Unblocker add-on

Status

()

People

(Reporter: kmag, Assigned: jorgev)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [qa-])

Security

(public)

User Story

Description

Comment 1

Comment 2

Updated