Closed Bug 1363513 Opened 8 years ago Closed 8 years ago

Plugin block request: Adobe Flash Player 25.0.0.163 and earlier

Categories

(Toolkit :: Blocklist Policy Requests, enhancement)

Product:
Toolkit
Component:
Blocklist Policy Requests
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: guigs, Assigned: jorgev)

Details

(Whiteboard: [plugin])

+++ This bug was initially created as a clone of Bug #1302525 +++ Plugin name: Flash Player.plugin Plugin versions to block: 25.0.0.148 Applications, versions, and platforms affected: Block severity: (hard How does this plugin appear in about:plugins? File: Version: Description: File: Flash Player.plugin Path: /Library/Internet Plug-Ins/Flash Player.plugin Version: 25.0.0.148 State: Enabled Shockwave Flash 25.0 r0 File: NPSWF32_25_0_0_148.dll Path: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_25_0_0_148.dll Version: 22.0.0.209 State: Enabled Shockwave Flash 25.0 r0 File: NPSWF32_25_0_0_148.dll Path: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll Version: 25.0.0.148 State: Enabled Shockwave Flash 25.0 r0 File: NPSWF32_25_0_0_148.dll Path: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll Version: 25.0.0.148 State: Enabled Shockwave Flash 25.0 r0 (don't have linux sorry) Homepage and other references and contact info: https://helpx.adobe.com/security/products/flash-player/apsb17-15.html
No longer depends on: 1363510
The fixed version is 25.0.0.171, and the affected versions are 25.0.0.148 for Windows and Linux, and 25.0.0.163 for Mac, so I'm setting the block to end on version 25.0.0.163.
Assignee: nobody → jorge
Summary: Plugin block request: Adobe Flash Player 25.0.0.148 and earlier → Plugin block request: Adobe Flash Player 25.0.0.163 and earlier
The blocks are now staged and ready for testing.
Flags: needinfo?(kjozwiak)
Before going through the tests on each platform, I ensured that the fp25.0.0.163 block was being listed in the following XML file: https://settings.prod.mozaws.net/v1/preview/3/%7Bec8030f7-c20a-464f-9b0e-13a3a9e97384%7D/51.0.1/Firefox/20170125094131/Darwin_x86_64-gcc3-u-i386-x86_64/en-US/release/ ========================= Win 10 Pro x64 VM: PASSED ========================= System with 25.0.0.148 installed: --------------------------------- File: NPSWF32_25_0_0_148.dll Path: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_148.dll Version: 25.0.0.148 State: Enabled (STATE_VULNERABLE_UPDATE_AVAILABLE) Shockwave Flash 25.0 r0 * build used: https://archive.mozilla.org/pub/firefox/releases/53.0.2/win32/en-US/ * browser console log: Blocklist state for Shockwave Flash changed from 0 to 4 * ensured that the flash plugin appears as blocked under about:addons * ensured that "Always Active" is being disabled * ensured that the "Version Information" under http://www.adobe.com/software/flash/about/ is listing 25.0.0.148 as outdated * ensured that flash is being blocked on several popular websites Upgrading 25.0.0.148 to 25.0.0.171: ----------------------------------- File: NPSWF32_25_0_0_171.dll Path: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll Version: 25.0.0.171 State: Enabled Shockwave Flash 25.0 r0 * build used: https://archive.mozilla.org/pub/firefox/releases/53.0.2/win32/en-US/ * ensured that "Always Active" can be enabled * ensured that the flash plugin doesn't appear blocked under about:addons * ensured that the "Version Information" under http://www.adobe.com/software/flash/about/ is listing 25.0.0.171 as the latest version System with 25.0.0.171 installed: --------------------------------- File: NPSWF32_25_0_0_171.dll Path: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll Version: 25.0.0.171 State: Enabled Shockwave Flash 25.0 r0 * build used: https://archive.mozilla.org/pub/firefox/releases/53.0.2/win32/en-US/ * * browser console log: Blocklist state for Shockwave Flash changed from 0 to 0 * ensured that "Always Active" can be enabled * ensured that the flash plugin doesn't appear blocked under about:addons * ensured that the "Version Information" under http://www.adobe.com/software/flash/about/ is listing 25.0.0.171 as the latest version ================================= Ubuntu 16.04.2 LTS x64 VM: PASSED ================================= System with 25.0.0.148 installed: --------------------------------- File: libflashplayer.so Path: /usr/lib/mozilla/plugins/libflashplayer.so Version: 25.0.0.148 State: Enabled (STATE_VULNERABLE_UPDATE_AVAILABLE) Shockwave Flash 25.0 r0 * build used: https://archive.mozilla.org/pub/firefox/releases/53.0.2/linux-x86_64/en-US/ * browser console log: Blocklist state for Shockwave Flash changed from 0 to 4 * ensured that the flash plugin appears as blocked under about:addons * ensured that "Always Active" is being disabled * ensured that the "Version Information" under http://www.adobe.com/software/flash/about/ is listing 25.0.0.148 as outdated * ensured that flash is being blocked on several popular websites Upgrading 25.0.0.148 to 25.0.0.171: ----------------------------------- File: libflashplayer.so Path: /usr/lib/mozilla/plugins/libflashplayer.so Version: 25.0.0.171 State: Enabled Shockwave Flash 25.0 r0 * build used: https://archive.mozilla.org/pub/firefox/nightly/2017/05/2017-05-11-13-33-12-mozilla-central/ * ensured that "Always Active" can be enabled * ensured that the flash plugin doesn't appear blocked under about:addons * ensured that the "Version Information" under http://www.adobe.com/software/flash/about/ is listing 25.0.0.171 as the latest version System with 25.0.0.171 installed: --------------------------------- File: libflashplayer.so Path: /usr/lib/mozilla/plugins/libflashplayer.so Version: 25.0.0.171 State: Enabled Shockwave Flash 25.0 r0 * build used: https://archive.mozilla.org/pub/firefox/nightly/2017/05/2017-05-11-07-47-36-mozilla-aurora/ * * browser console log: Blocklist state for Shockwave Flash changed from 0 to 0 * ensured that "Always Active" can be enabled * ensured that the flash plugin doesn't appear blocked under about:addons * ensured that the "Version Information" under http://www.adobe.com/software/flash/about/ is listing 25.0.0.171 as the latest ========================= macOS 10.12.4 x64: PASSED ========================= System with 25.0.0.163 installed: --------------------------------- File: Flash Player.plugin Path: /Library/Internet Plug-Ins/Flash Player.plugin Version: 25.0.0.163 State: Enabled (STATE_VULNERABLE_UPDATE_AVAILABLE) Shockwave Flash 25.0 r0 * build used: https://archive.mozilla.org/pub/firefox/releases/52.0.2/mac/ * browser console log: Blocklist state for Shockwave Flash changed from 0 to 4 * ensured that the flash plugin appears as blocked under about:addons * ensured that "Always Active" is being disabled * ensured that the "Version Information" under http://www.adobe.com/software/flash/about/ is listing 25.0.0.163 as outdated * ensured that flash is being blocked on several popular websites Upgrading 25.0.0.163 to 25.0.0.171: ----------------------------------- File: Flash Player.plugin Path: /Library/Internet Plug-Ins/Flash Player.plugin Version: 25.0.0.171 State: Enabled Shockwave Flash 25.0 r0 * build used: https://archive.mozilla.org/pub/firefox/candidates/54.0b6-candidates/build1/mac/en-US/ * ensured that "Always Active" can be enabled * ensured that the flash plugin doesn't appear blocked under about:addons * ensured that the "Version Information" under http://www.adobe.com/software/flash/about/ is listing 25.0.0.171 as the latest version System with 25.0.0.171 installed: --------------------------------- File: Flash Player.plugin Path: /Library/Internet Plug-Ins/Flash Player.plugin Version: 25.0.0.171 State: Enabled Shockwave Flash 25.0 r0 * build used: https://archive.mozilla.org/pub/firefox/nightly/2017/05/2017-05-11-06-38-38-mozilla-central/ * * browser console log: Blocklist state for Shockwave Flash changed from 0 to 0 * ensured that "Always Active" can be enabled * ensured that the flash plugin doesn't appear blocked under about:addons * ensured that the "Version Information" under http://www.adobe.com/software/flash/about/ is listing 25.0.0.171 as the latest version
Flags: needinfo?(kjozwiak)
Andreas, please push this block live.
Flags: needinfo?(awagner)
This block is now live.
Status: NEW → RESOLVED
Closed: 8 years ago
Flags: needinfo?(awagner)
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.