Last Comment Bug 479095 - Blocklist AVG SafeSearch v.8.0 (and lower) for Firefox 3.5
: Blocklist AVG SafeSearch v.8.0 (and lower) for Firefox 3.5
Status: RESOLVED FIXED
: fixed1.9.1, relnote
Product: Toolkit
Classification: Components
Component: Blocklisting (show other bugs)
: 4.x
: All All
: -- major with 1 vote (vote)
: 3.1
Assigned To: Michael Morgan [:morgamic]
:
Mentors:
Depends on: 498471
Blocks: 494742
  Show dependency treegraph
 
Reported: 2009-02-18 11:49 PST by Kev Needham [:kev]
Modified: 2016-03-07 15:30 PST (History)
28 users (show)
mbeltzner: blocking‑firefox3.5+
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---


Attachments

Description Kev Needham [:kev] 2009-02-18 11:49:51 PST
Per bug 475653, version 8.0 of AVG's SafeSearch extension, which is installed/registered with the AVG software, breaks the location bar in Fx3.1. Specifics are in the bug, but the long and the short of it is that the Enter key will no longer submit the text entered in the location bar, the "go" arrow must be clicked on.

Because this version of the extension breaks a core navigation method in 3.1, I'd like to recommend we blocklist it. AVG has prepared a fix and will be deploying it soon, but I'd still like to add version 8.0 and lower to the blocklist for Firefox 3.1 and higher.

Identifying information for the extension is as follows:

    <em:id>{3f963a5b-e555-4543-90e2-c3908898db71}</em:id>
    <em:name>AVG Safe Search</em:name>
    <em:version>8.0</em:version>
    <em:type>2</em:type><!-- extension -->
    <em:description>Guard against clicking malicious links.</em:description>
    <em:creator>AVG, Inc.</em:creator>
Comment 1 Dave Garrett 2009-02-18 12:14:14 PST
Blocklist XML to add would be:

    <emItem id="{3f963a5b-e555-4543-90e2-c3908898db71}">
      <versionRange minVersion=" " maxVersion="8.0">
        <targetApplication id="{ec8030f7-c20a-464f-9b0e-13a3a9e97384}">
           <versionRange minVersion="3.1a1" maxVersion="*"/>
        </targetApplication>
      </versionRange>
    </emItem>
Comment 2 Kev Needham [:kev] 2009-02-24 06:51:53 PST
E-mail sent to Petr at AVG outlining intent to BL version 8.0, and asking AVG to review that the MaxVersion is set correctly, and that the version of the extension is incremented to avoid being caught by the BL entry. Waiting to hear back to see if there are any questions.
Comment 3 Marcia Knous [:marcia - use ni] 2009-03-16 11:58:00 PDT
Until this happens, I would recommend release noting it since I see many reports of this problem being mentioned in the Hendrix feedback.
Comment 4 Mike Beltzner [:beltzner, not reading bugmail] 2009-03-18 11:19:10 PDT
This blocks 3.5, IMO, since we have known compatibility problems.
Comment 5 Vladimir Vukicevic [:vlad] [:vladv] 2009-03-29 14:16:23 PDT
Yeah, this is breaking the beta currently if AVG is installed.

Dumb question: why do we allow <maxVersion>3.*</maxVersion>?  I know AMO doesn't, but it seems like you should need to do something extra in Fx itself (like disabling version compat checking) to allow that..
Comment 6 Dave Townsend [:mossop] 2009-03-29 14:59:04 PDT
Filed bug 485833 to talk about a potential way of restricting maxVersions.
Comment 7 Mike Beltzner [:beltzner, not reading bugmail] 2009-03-29 23:12:49 PDT
What's holding up the blocklisting here?
Comment 8 Mike Beltzner [:beltzner, not reading bugmail] 2009-05-19 23:57:26 PDT
(In reply to comment #7)
> What's holding up the blocklisting here?

doo dee doo
Comment 9 Mike Beltzner [:beltzner, not reading bugmail] 2009-05-24 12:57:52 PDT
Morgamic, Rey: where's the holdup on this?
Comment 10 Rey Bango 2009-05-26 09:04:35 PDT
There's no hold-up from our end AFAIK.
Comment 11 Mike Beltzner [:beltzner, not reading bugmail] 2009-06-14 18:18:26 PDT
OK, so, why hasn't it been blocklisted yet?
Comment 12 Mike Beltzner [:beltzner, not reading bugmail] 2009-06-15 13:38:09 PDT
Let me ask it this way: who adds it to the blocklist, in our process?
Comment 13 Kev Needham [:kev] 2009-06-15 13:41:51 PDT
WebDev adds once all of the conditions have been met (e.g. acceptance as a blocklist item, vendor notification/confirmation, etc.).

To re-confirm, to the best of my knowledge all conditions have been met for this blocklist addition and it's good to go.
Comment 14 Dave Garrett 2009-06-15 13:56:42 PDT
If everything is "good to go", what's with the 3 months of nothingness here?
Comment 15 Michael Morgan [:morgamic] 2009-06-15 14:20:42 PDT
I dropped the ball on this, we'll get it taken care of today.  Sorry guys.
Comment 16 Mike Beltzner [:beltzner, not reading bugmail] 2009-06-15 14:25:11 PDT
No worries; good to know who to ping. I'd thought that it was Rey or Nick that handled it. Would it help to move these bugs over to some webdev component for you to track once all requirements are met?
Comment 17 Dave Garrett 2009-06-15 14:30:39 PDT
Maybe a set of whiteboard statuses could be used to indicate what phase of the process these bugs are in?
Comment 18 Kev Needham [:kev] 2009-06-15 14:38:51 PDT
I'll draft something up, and fwd it to rey and nick for review and inclusion in the policy. I'll also push a little more efficiently, something that I should be doing.

thanks for getting it in, morgamic!
Comment 19 Michael Morgan [:morgamic] 2009-06-15 14:41:19 PDT
IT bug for database change: bug 498471

I will update mozilla.com shortly.
Comment 20 Michael Morgan [:morgamic] 2009-06-15 15:08:48 PDT
mozilla.com updated: http://www.mozilla.com/en-US/blocklist/
waiting for IT to push bug 498471.
Comment 21 Alice Wyman 2009-06-21 03:49:58 PDT
http://www.mozilla.com/en-US/blocklist/ reads, 
"AVG SafeSearch, versions older than 8.0".  

Shouldn't that be "version 8.0 and older" ?
Comment 22 ew_h 2009-07-20 01:57:57 PDT
Sometimes I have the reported problem as well. - But I have never installed AVG!
Comment 23 Daniel Veditz [:dveditz] 2009-07-21 12:08:22 PDT
ew_h: if you have not installed AVG then you've got some other bug and you should check with http://support.mozilla.com for help figuring out how to file the symptoms you're seeing.

The only way it might be this bug if you never installed AVG is if you installed the older "XPL LinkScanner" that AVG bought and included. If that's the case then we should blocklist that one, too, although we'll still want a new bug because it will get lost buried at the bottom of this "fixed" one.
Comment 24 Pham Manh 2009-09-16 12:07:03 PDT
Created attachment 401068 [details]
firefox.exe
Comment 25 Dave Garrett 2009-09-16 12:28:30 PDT
Comment on attachment 401068 [details]
firefox.exe

Pham Manh, you're in the wrong place and very confused. Why you felt the need to upload a Firefox 3.5.3 Windows executable here is beyond me. (can someone delete this thing?) Please go to support.mozilla.com if you need help with something, or at far least file a new bug report.
Comment 26 Dave Garrett 2009-09-16 12:32:46 PDT
This is still marked as push-needed, though it looks like this is live and has been for a while. Is there anything lingering here or can this be verified?
Comment 27 Dave Miller [:justdave] (justdave@bugzilla.org) 2009-09-16 17:45:28 PDT
The content of attachment 401068 [details] has been deleted by
    Dave Miller [:justdave] <justdave@mozilla.com>
who provided the following reason:

don't need executables on here

The token used to delete this attachment was generated at 2009-09-16 17:45:19 PDT.

Note You need to log in before you can comment on or make changes to this bug.