Closed
Bug 1302525
Opened 8 years ago
Closed 8 years ago
Plugin block request: Adobe Flash Player 22.0.0.209, 22.0.0.211 and earlier, 18.0.0.366 and earlier
Categories
(Toolkit :: Blocklist Policy Requests, defect)
Toolkit
Blocklist Policy Requests
Tracking
()
RESOLVED
FIXED
People
(Reporter: guigs, Assigned: eviljeff)
References
Details
(Whiteboard: [plugin])
Plugin name: Flash Player.plugin
Plugin versions to block: 22.0.0.209, 22.0.0.211 and earlier, 18.0.0.366 and earlier, 11.2.202.632 and earlier
Applications, versions, and platforms affected:
Block severity: (hard
How does this plugin appear in about:plugins?
File:
Version:
Description:
File: Flash Player.plugin
Path: /Library/Internet Plug-Ins/Flash Player.plugin
Version: 22.0.0.209
State: Enabled
Shockwave Flash 22.0 r0
File: NPSWF32_22_0_0_209.dll
Path: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_22_0_0_209.dll
Version: 22.0.0.209
State: Enabled
Shockwave Flash 22.0 r0
File: NPSWF32_22_0_0_209.dll
Path: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll
Version: 22.0.0.209
State: Enabled
Shockwave Flash 22.0 r0
File: NPSWF32_22_0_0_211.dll
Path: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_211.dll
Version: 22.0.0.211
State: Enabled
Shockwave Flash 22.0 r0
(don't have linux sorry)
Homepage and other references and contact info:
https://helpx.adobe.com/security/products/flash-player/apsb16-29.html
|
Reporter | |
Updated•8 years ago
|
Summary: Plugin block request: <plugin name> → Plugin block request: Adobe Flash Player 22.0.0.209, 22.0.0.211 and earlier, 18.0.0.366 and earlier
|
|
Reporter | |
Comment 1•8 years ago
|
||
Does anyone know if Adobe Flash is still tracking blocklist in Firefox?
|
||
Comment 2•8 years ago
|
||
(In reply to rmcguigan from comment #1) > Does anyone know if Adobe Flash is still tracking blocklist in Firefox? If you're asking whether this blocklist request is still relevant, the answer is yes. It should be handled soon.
|
Assignee | |
Comment 3•8 years ago
|
||
https://addons-dev.allizom.org/en-US/admin/models/blocklist/blocklistdetail/939/ https://addons-dev.allizom.org/en-US/admin/models/blocklist/blocklistdetail/940/ https://addons-dev.allizom.org/en-US/admin/models/blocklist/blocklistdetail/941/ test please
Flags: needinfo?(kjozwiak)
|
|
Assignee | |
Updated•8 years ago
|
Assignee: nobody → awilliamson
Hello Andrew, based on the top crasher on Aurora50 since a week, it seems most of the crashes are coming from the latest version 23.0.0.162. See http://bit.ly/2d1rghh for crash info. Is there a possibility we can block that version too?
Flags: needinfo?(awilliamson)
|
|
Assignee | |
Comment 5•8 years ago
|
||
(In reply to Ritu Kothari (:ritu) from comment #4) > Hello Andrew, based on the top crasher on Aurora50 since a week, it seems > most of the crashes are coming from the latest version 23.0.0.162. See > http://bit.ly/2d1rghh for crash info. > > Is there a possibility we can block that version too? can you file a separate bug for it? (we can... though blocking a release version of Flash is a contentious issue)
Flags: needinfo?(awilliamson)
|
||
Comment 6•8 years ago
|
||
Everything looks like it's working correctly. However, the Flash Extended Support Release (18.0.0.366) is currently pointing to /blocked/p940/ [1] which is currently displaying "Flash Player Plugin 13.0.0.296 to 13.0.0.301 (click-to-play) has been blocked for your protection." Is the new p940 link replacing the current [1] one with the new range that will include the version that's being blocked in this bug? [1] https://blocklist.addons.mozilla.org/en-US/firefox/blocked/p940 Windows 10 x64 VM: PASSED ========================= File: NPSWF32_22_0_0_209.dll Path: C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_22_0_0_209.dll Version: 22.0.0.209 State: Enabled (STATE_VULNERABLE_UPDATE_AVAILABLE) Shockwave Flash 22.0 r0 * build used: https://archive.mozilla.org/pub/firefox/nightly/2016/09/2016-09-20-00-40-04-mozilla-aurora/ * browser console log: Blocklist state for Shockwave Flash changed from 0 to 4 * ensured that "Update Now" pointed too firefox/blocked/p941 * esnured that "Always Active" is disabled * ensured flash is correctly being blocked File: NPSWF32_18_0_0_366.dll Path: C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_18_0_0_366.dll Version: 18.0.0.366 State: Enabled (STATE_VULNERABLE_UPDATE_AVAILABLE) Shockwave Flash 18.0 r0 * build used: https://archive.mozilla.org/pub/firefox/nightly/2016/09/2016-09-20-03-04-29-mozilla-central/ * browser console log: Blocklist state for Shockwave Flash changed from 0 to 4 * ensured that "Update Now" pointed too firefox/blocked/p940 * esnured that "Always Active" is disabled * ensured flash is correctly being blocked File: NPSWF32_23_0_0_162.dll Path: C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_162.dll Version: 23.0.0.162 State: Enabled Shockwave Flash 23.0 r0 * build used: https://archive.mozilla.org/pub/firefox/releases/48.0.2/win32/en-US/ * browser console log: Blocklist state for Shockwave Flash changed from 0 to 0 * esnured that "Always Active" enabled File: NPSWF32_18_0_0_375.dll Path: C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_18_0_0_375.dll Version: 18.0.0.375 State: Enabled Shockwave Flash 18.0 r0 * build used: https://archive.mozilla.org/pub/firefox/candidates/49.0-candidates/build4/win32/en-US/ * browser console log: Blocklist state for Shockwave Flash changed from 0 to 0 * esnured that "Always Active" enabled OSX 10.11.6 x64: PASSED ======================= File: Flash Player.plugin Path: /Library/Internet Plug-Ins/Flash Player.plugin Version: 22.0.0.209 State: Enabled (STATE_VULNERABLE_UPDATE_AVAILABLE) Shockwave Flash 22.0 r0 * build used: https://archive.mozilla.org/pub/firefox/releases/48.0.2/mac/en-US/ * browser console log: Blocklist state for Shockwave Flash changed from 0 to 4 * ensured that "Update Now" pointed too firefox/blocked/p941 * esnured that "Always Active" is disabled * ensured flash is correctly being blocked File: Flash Player.plugin Path: /Library/Internet Plug-Ins/Flash Player.plugin Version: 18.0.0.366 State: Enabled (STATE_VULNERABLE_UPDATE_AVAILABLE) Shockwave Flash 18.0 r0 * build used: https://archive.mozilla.org/pub/firefox/nightly/2016/09/2016-09-20-00-40-04-mozilla-aurora/ * browser console log: Blocklist state for Shockwave Flash changed from 0 to 4 * ensured that "Update Now" pointed too firefox/blocked/p940 * esnured that "Always Active" is disabled * ensured flash is correctly being blocked File: Flash Player.plugin Path: /Library/Internet Plug-Ins/Flash Player.plugin Version: 23.0.0.162 State: Enabled Shockwave Flash 23.0 r0 * build used: https://archive.mozilla.org/pub/firefox/nightly/2016/09/2016-09-20-03-04-29-mozilla-central/ * browser console log: Blocklist state for Shockwave Flash changed from 0 to 0 * esnured that "Always Active" enabled File: Flash Player.plugin Path: /Library/Internet Plug-Ins/Flash Player.plugin Version: 18.0.0.375 State: Enabled Shockwave Flash 18.0 r0 * build used: https://archive.mozilla.org/pub/firefox/nightly/2016/09/2016-09-20-03-04-29-mozilla-central/ * browser console log: Blocklist state for Shockwave Flash changed from 0 to 0 * esnured that "Always Active" enabled Ubuntu 16.04.1 LTS VM x64: PASSED ================================= File: libflashplayer.so Path: /usr/lib/mozilla/plugins/libflashplayer.so Version: 11.2.202.632 State: Enabled (STATE_VULNERABLE_UPDATE_AVAILABLE) Shockwave Flash 11.2 r202 * build used: https://archive.mozilla.org/pub/firefox/nightly/2016/09/2016-09-20-03-04-29-mozilla-central/ * browser console log: Blocklist state for Shockwave Flash changed from 0 to 4 * ensured that "Update Now" pointed too firefox/blocked/p939 * esnured that "Always Active" is disabled * ensured flash is correctly being blocked File: libflashplayer.so Path: /usr/lib/mozilla/plugins/libflashplayer.so Version: 11.2.202.635 State: Enabled Shockwave Flash 11.2 r202 * build used: https://archive.mozilla.org/pub/firefox/nightly/2016/09/2016-09-20-00-40-04-mozilla-aurora/ * browser console log: Blocklist state for Shockwave Flash changed from 0 to 0 * esnured that "Always Active" enabled
Flags: needinfo?(kjozwiak) → needinfo?(awilliamson)
|
|
Assignee | |
Comment 7•8 years ago
|
||
18.0.0.366 block is pointing to a url on production AMO? https://blocklist.addons.mozilla.org/en-US/firefox/blocked/p940 *not* something on the -dev blocklist? (that they're both p940 is entirely coincidental - the production blocklist has more entries because of bulk certificate blocks that we don't manually test so the numbers when live are likely to be p1272-4)
Flags: needinfo?(awilliamson) → needinfo?(kjozwiak)
|
|
||
Comment 8•8 years ago
|
||
> 18.0.0.366 block is pointing to a url on production AMO? > https://blocklist.addons.mozilla.org/en-US/firefox/blocked/p940 *not* > something on the -dev blocklist? I went through the blocks against 18.0.0.366 and ensured that the links were pointing to the blocklist-dev url [1]. Clicking on "Update Now" under about:addons will correctly open the url in a new tab and display "Flash Player Plugin 18.0.0.360 to 18.0.0.366 (click-to-play) has been blocked for your protection.". [1] https://blocklist-dev.allizom.org/en-US/firefox/blocked/p940 Platforms checked: * Win 10 x64 - PASSED ** build: fx52.0a1, buildId: 20160921030221, changeset: e2d2897e4a74 * OSX 10.11.6 x64 - PASSED ** build: fx51.0a2, buildId: 20160921004005, changeset: 9f757cfe0d33 > (that they're both p940 is entirely coincidental - the production blocklist > has more entries because of bulk certificate blocks that we don't manually > test so the numbers when live are likely to be p1272-4) Sounds great! I wasn't too sure if this would cause conflicts once it was pushed into production. Apologies for the red flag.
Flags: needinfo?(kjozwiak)
|
|
Assignee | |
Comment 9•8 years ago
|
||
done: https://addons.mozilla.org/en-US/firefox/blocked/p1272 https://addons.mozilla.org/en-US/firefox/blocked/p1273 https://addons.mozilla.org/en-US/firefox/blocked/p1274
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•