Closed
Bug 754723
Opened 13 years ago
Closed 13 years ago
Consider blocklisting Flash versions <=10.2.159.1
Categories
(Toolkit :: Blocklist Policy Requests, defect)
Toolkit
Blocklist Policy Requests
Tracking
()
RESOLVED
FIXED
People
(Reporter: akeybl, Unassigned)
References
Details
(Whiteboard: [plugin])
Attachments
(1 file)
Plugin name: Adobe Flash Player
Plugin versions to block: 10.2.159.1 or less
Applications, versions, and platforms affected: Firefox, all, all
Block severity: severity=0
How does this plugin appear in about:plugins?
File: Flash Player.plugin
Version: 10.2.159.1
Description: Shockwave Flash
Reasons:
* Security vulnerabilities
* Crashiness
Reporter | ||
Comment 1•13 years ago
|
||
Based upon https://bugzilla.mozilla.org/show_bug.cgi?id=526019#c20, we may actually want to limit this block to 3.6 and later (since early versions are soft/hard blocks).
For now, let's stage this blocklist and evaluate the user experience before moving forward. Please add qawanted once it's pushed to staging.
Comment 2•13 years ago
|
||
might be related /dupe whatever to https://bugzilla.mozilla.org/show_bug.cgi?id=704158 or maybe we can dupe that bug to this bug here
Comment 3•13 years ago
|
||
Tomcat, yes, at least the discussion to get to this bug came out of my efforts for bug 704158. They're closely related, if not dupes.
Reporter | ||
Comment 4•13 years ago
|
||
Perhaps we want bug 704158 to track the longer term soft/hard block of these old versions of Flash? I'll let Jorge decide how he wants to track the work.
Comment 5•13 years ago
|
||
(In reply to Alex Keybl [:akeybl] from comment #0)
> Block severity: severity=0
That would be a hardblock (a softblock would be severity=1). Is that what we want? If so, I don't see why we would exclude Firefox versions older than 3.6.
(In reply to Alex Keybl [:akeybl] from comment #4)
> Perhaps we want bug 704158 to track the longer term soft/hard block of these
> old versions of Flash? I'll let Jorge decide how he wants to track the work.
I'm not sure what you mean by longer term. If the ultimate purpose of this bug is to block these old versions, then I'd rather dupe bug 704158 and keep track of things here.
Comment 6•13 years ago
|
||
OK, I have staged the block here:
https://addons-dev.allizom.org/en-US/firefox/blocked/p87
A few notes on this block:
* It is a softblock, so users should have the option to reject it or reverse it.
* It should work correctly on Mac OS X.
* On Windows I'm using the following RE to detect the file name: NPSWF[0-9_]*\.dll. The sample I got is NPSWF32_11_2_202_235.dll, and it'd be good to get some more, specially for the versions we intend to block.
* On Linux we have the problem that plugin version numbers are not reported to Firefox, so we can't use a version range. For now, the block doesn't include Linux. If we want to include it, we'll need samples of the description text for blocked and non-blocked versions of the plugin, so that I can come up with a RE that matches the description text correctly.
(In reply to Jorge Villalobos [:jorgev] from comment #6)
> OK, I have staged the block here:
> https://addons-dev.allizom.org/en-US/firefox/blocked/p87
I've put together a test plan for Softvision to run through tonight:
https://etherpad.mozilla.org/flash-blocklist-10-2
Please review and if there are any issues bring them to my attention. If I don't hear back from you in the next couple of hours, I'll send it out to Softvision.
Comment 8•13 years ago
|
||
Testplan looks fine to me.
Thanks Al. Test plan has been circulated. I will report results tomorrow morning.
Comment 10•13 years ago
|
||
(In reply to Jorge Villalobos [:jorgev] from comment #5)
> (In reply to Alex Keybl [:akeybl] from comment #0)
> > Block severity: severity=0
>
> That would be a hardblock (a softblock would be severity=1). Is that what we
> want?
On the security-group list, we were informed that severity=2 would be hardblock, 1 would be softblock and 0 would be only showing a notification bar in the browser that urges the user to update, with a link to plugincheck. Was that information wrong, or is that maybe not implemented on the server side?
> I'm not sure what you mean by longer term. If the ultimate purpose of this
> bug is to block these old versions, then I'd rather dupe bug 704158 and keep
> track of things here.
The current plan is to go with the notification bar for now and with a softblock later on (depending on what effect the notification bar bring and potentially UI improvements).
(In reply to Jorge Villalobos [:jorgev] from comment #6)
> * On Windows I'm using the following RE to detect the file name:
> NPSWF[0-9_]*\.dll. The sample I got is NPSWF32_11_2_202_235.dll, and it'd be
> good to get some more, specially for the versions we intend to block.
The version we want to block all have NPSWF32.dll as the filename, AFAIK including the version in the filename was only introduced with Flash 11.2.
Comment 11•13 years ago
|
||
(In reply to Robert Kaiser (:kairo@mozilla.com) from comment #10)
> On the security-group list, we were informed that severity=2 would be
> hardblock, 1 would be softblock and 0 would be only showing a notification
> bar in the browser that urges the user to update, with a link to
> plugincheck. Was that information wrong, or is that maybe not implemented on
> the server side?
My understanding is that there are only two levels: 0 for hardblock (default) and 1 for softblock. I wasn't aware of the notification bar option. I'll investigate, maybe things are different for plugin blocks.
> The version we want to block all have NPSWF32.dll as the filename, AFAIK
> including the version in the filename was only introduced with Flash 11.2.
OK, I modified the filename check to only match NPSWF32.dll on Windows.
Comment 12•13 years ago
|
||
The staged block appears to be working. The only issue that was reported was the following scenario:
1. Install Flash 10.1
2. Blocklist ping > restart to disable Flash
3. Enable Flash in the Add-ons Manager
4. Update to Flash 11.2 and restart Firefox
Result:
Flash 10.1 and 11.2 both appear in the Addons Manager enabled. Disabling Flash 11.2 continues to allow usage of Flash 10.2. It should be noted that I've spent an hour trying to reproduce this and cannot; updating Flash to 11.2 overwrites Flash 10.2 in all instances.
We could delay push to production further to do more testing around this scenario but I don't think it's a good use of our time. The risks of delaying block of Flash 10.2 is greater than the risks of this unreproducible edge-case, in my opinion.
Comment 13•13 years ago
|
||
Are we planning on pushing this to production imminently?
Reporter | ||
Comment 14•13 years ago
|
||
(In reply to Kev [:kev] Needham from comment #13)
> Are we planning on pushing this to production imminently?
Nope, we'll need to finish evaluating the experience before going to production. Please wait on my go, which likely won't come this week.
Reporter | ||
Comment 15•13 years ago
|
||
(In reply to Jorge Villalobos [:jorgev] from comment #5)
> (In reply to Alex Keybl [:akeybl] from comment #0)
> > Block severity: severity=0
>
> That would be a hardblock (a softblock would be severity=1). Is that what we
> want? If so, I don't see why we would exclude Firefox versions older than
> 3.6.
Dan V suggested that there's an intermediate option (notification bar for outdated plugins) in email and subsequently in https://bugzilla.mozilla.org/show_bug.cgi?id=526019#c20
This bug isn't meant to cover a soft/hard block, only the use of the outdated plugin notification.
Comment 16•13 years ago
|
||
Mossop has confirmed that comment #10 is right about block levels, though he pointed out it has never been used in practice and should be tested carefully.
I've changed the block to have severity=0. Please test again. In this case, you should get a notification bar telling you the plugin is outdated. The plugin should not be disabled.
Comment 17•13 years ago
|
||
(In reply to Jorge Villalobos [:jorgev] from comment #16)
> Mossop has confirmed that comment #10 is right about block levels, though he
> pointed out it has never been used in practice and should be tested
> carefully.
Good, and yes, this is probably a first, reason enough to both test it well and actually use a feature that has been there resting for a while. :)
> I've changed the block to have severity=0.
Thanks, let's hope testing works out well. :)
Comment 18•13 years ago
|
||
Just confirming the desired behaviour before I put in the effort to retest this...
> 1. Install Flash 10.2
> 2. Force blocklist ping to staging
> 3. Notification bar appears warning user of unsafe Flash version
> 4. Test enable/disable/upgrade scenarios as before
Is this correct?
Comment 19•13 years ago
|
||
3. Notification bar appears warning user of outdated Flash version. The plugin will continue to be enabled.
4. Clicking on the button in the notification should take you to the plugin check page where you can upgrade Flash. After updating Flash, the notification shouldn't appear again.
I don't think we need to do any status testing since this block level doesn't do anything to the plugin status.
Comment 20•13 years ago
|
||
(In reply to Jorge Villalobos [:jorgev] from comment #19)
> After updating Flash, the notification shouldn't appear again.
Is there a way to force this check or adjust timers so I'm not waiting indefinitely?
Comment 21•13 years ago
|
||
My preferred way is to clear app.update.lastUpdateTime.blocklist-background-update-timer and restart. You can also set extensions.blocklist.interval to something like 60 seconds, but that's not really recommended if you forget to set it back :D
kev
(In reply to Anthony Hughes, Mozilla QA (irc: ashughes) from comment #20)
> (In reply to Jorge Villalobos [:jorgev] from comment #19)
> > After updating Flash, the notification shouldn't appear again.
>
> Is there a way to force this check or adjust timers so I'm not waiting
> indefinitely?
Comment 22•13 years ago
|
||
(In reply to Anthony Hughes, Mozilla QA (irc: ashughes) from comment #20)
> (In reply to Jorge Villalobos [:jorgev] from comment #19)
> > After updating Flash, the notification shouldn't appear again.
>
> Is there a way to force this check or adjust timers so I'm not waiting
> indefinitely?
I wrote an add-on that adds a thing to the tools menu to manually trigger certain timers: https://addons.mozilla.org/en-US/firefox/addon/timer-fire/
Comment 23•13 years ago
|
||
I'm not seeing a notification bar after forcing a ping, although p87 appears in my blocklist.xml file.
Firefox 12.0 en-US on Windows 7 64-bit.
Comment 24•13 years ago
|
||
I see a notification bar on Win 7 SP1 (32-bit). The problem is that after I update, I get BOTH the old version and the new version in my plugins list.
Comment 25•13 years ago
|
||
(In reply to Al Billings [:abillings] from comment #24)
> I see a notification bar on Win 7 SP1 (32-bit). The problem is that after I
> update, I get BOTH the old version and the new version in my plugins list.
Interesting; this was a problem Softvision was seeing yesterday but I was unable to reproduce.
Reporter | ||
Comment 26•13 years ago
|
||
(In reply to Al Billings [:abillings] from comment #24)
> I see a notification bar on Win 7 SP1 (32-bit). The problem is that after I
> update, I get BOTH the old version and the new version in my plugins list.
Cheng sent email about this - looks like bug 686335 is causing the old Flash plugin to stay registered till system restart (at which point it's removed).
Al - does the notification bar continue to drop down after installing the newer version (across browser restarts, etc.)? Also, can you confirm that a system restart removed the older version?
Comment 27•13 years ago
|
||
(In reply to Alex Keybl [:akeybl] from comment #26)
> Al - does the notification bar continue to drop down after installing the
> newer version (across browser restarts, etc.)? Also, can you confirm that a
> system restart removed the older version?
There is no notification bar after the upgrade. I rebooted the machine and the old version is no longer mentioned, as you described.
Reporter | ||
Comment 28•13 years ago
|
||
(In reply to Al Billings [:abillings] from comment #27)
> There is no notification bar after the upgrade. I rebooted the machine and
> the old version is no longer mentioned, as you described.
Given this, I don't think that issue is a blocker. I think the only remaining issue is comment 23.
Anthony, were you able to ever get the notification bar to come down?
Comment 29•13 years ago
|
||
The only annoying thing would be that if a user tries to plugincheck again (or still has the tab open) it'll say that they're still out of date until they actually restart their computer. (And they're correspondingly not-safe)
Comment 30•13 years ago
|
||
(In reply to Alex Keybl [:akeybl] from comment #28)
> Anthony, were you able to ever get the notification bar to come down?
I think my steps need clarification; I might have been testing this incorrectly.
> 1. Install Flash 10.1
> 2. Force a blocklist ping to staging
No notification bar appears. I was expecting it to appear at this point based on comment 19.
> 3. Go to YouTube.com
Notification bar appears stating "Some plugins used by this page are out of date"
Comment 31•13 years ago
|
||
Furthermore, after updating Flash I did not see another notification bar, and I've still not experienced the double version that Al and Softvision reported.
Reporter | ||
Comment 32•13 years ago
|
||
(In reply to [:Cww] from comment #29)
> The only annoying thing would be that if a user tries to plugincheck again
> (or still has the tab open) it'll say that they're still out of date until
> they actually restart their computer. (And they're correspondingly not-safe)
This is correct, but I think the pros of having them update and be safe on next restart outweigh the cons around the possibility of confusion.
Reporter | ||
Comment 33•13 years ago
|
||
Unless there are any remaining concerns, we plan to roll this to production on 5/23.
Comment 34•13 years ago
|
||
There was an ask last Thursday's channel meeting for QA to verify UX for a couple of scenarios.
> 1. What happens when a user dismisses the notification bar?
> 2. What happens when a user has Flash content loaded in multiple tabs?
> 3. What happens when a user has multiple "blocked" plugins installed?
Unfortunately, I can't seem to get the block working now. I have the correct entry in a new profile's blocklist.xml after forcing a ping but when I load Flash content with Flash 10.1r82 installed I don't see a notification bar and the Flash content is not blocked.
Since it's now the weekend and I am off Monday due to a public Holiday in Canada, I ask that someone else please test this. Either I'm doing something wrong or the block is not 100%.
Comment 35•13 years ago
|
||
Using Fx12, Flash 10.2.153.1, Win7 (32bit).
This is the current staged blocklist entry:
<pluginItem blockID="p87">
<match name="filename" exp="(NPSWF32\.dll)|(Flash\ Player\.plugin)"/>
<versionRange minVersion="0" maxVersion="10.2.159.1" severity="0"/>
</pluginItem>
1. If you dismiss the notification bar, it does just that. The video keeps playing while the notification is up and after you dismiss it. If you reload the page (say Youtube) or if you restart your browser, the notification will appear again.
2. When the user has Flash content in multiple tabs, the notification will appear on each of those tabs.
3. Still working on this one.
Comment 36•13 years ago
|
||
3. I couldn't get another plugin that was blocked with the same severity on either Mac or Windows. I tried editing the blocklist file to see if I could get blocked versions of the Java/Adobe Reader plugins to be treated like the blocked version of Flash, but in the end those are just plain disabled so I couldn't see notification bars for those.
Comment 37•13 years ago
|
||
(In reply to juan becerra [:juanb] from comment #36)
> 3. I couldn't get another plugin that was blocked with the same severity
This is the first time we are using severity=0 at all. I guess you'd need to manually modify another block to severity=0 to test this.
Comment 38•13 years ago
|
||
(In reply to Robert Kaiser (:kairo@mozilla.com) from comment #37)
> (In reply to juan becerra [:juanb] from comment #36)
> > 3. I couldn't get another plugin that was blocked with the same severity
>
> This is the first time we are using severity=0 at all. I guess you'd need to
> manually modify another block to severity=0 to test this.
I tried modifying several blocks to severity=0 per comment #36 in which I didn't explain this is one of the things I had tried. Also, I member having seen this type of severity in years past (at least through testing of the system).
Comment 39•13 years ago
|
||
The notification bar "block" is live now: https://addons.mozilla.org/en-US/firefox/blocked/p94
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
Comment 40•13 years ago
|
||
Since we are doing severity=0 info bar "blocking" is it really correct to say "Flash Player Plugin has been blocked for your protection."?
The infobar doesn't actually block, it just provides a warning message and still allows the flash plugin to be used.
Comment 41•13 years ago
|
||
That message is hard-coded in the block pages. I edited the description to try to explain the kind of block this is.
Comment 42•13 years ago
|
||
we can watch these reports for drops in the frequency of particular flash being around at the time of crashes.
https://crash-analysis.mozilla.com/chofmann/20120522/flash-version-breakdown.txt
After this runs a bit I can scrape data over several days to see any trends a bit easier.
Kairo has a report running as well.
Comment 43•13 years ago
|
||
(In reply to chris hofmann from comment #42)
> we can watch these reports for drops in the frequency of particular flash
> being around at the time of crashes.
>
> https://crash-analysis.mozilla.com/chofmann/20120522/flash-version-breakdown.
> txt
>
> After this runs a bit I can scrape data over several days to see any trends
> a bit easier.
>
> Kairo has a report running as well.
Perfect, thanks chofmann/kairo!
(In reply to Jorge Villalobos [:jorgev] from comment #41)
> That message is hard-coded in the block pages. I edited the description to
> try to explain the kind of block this is.
Is there a bug to have that changed?
Comment 44•13 years ago
|
||
(In reply to Johnathan Nightingale [:johnath] from comment #43)
> (In reply to Jorge Villalobos [:jorgev] from comment #41)
> > That message is hard-coded in the block pages. I edited the description to
> > try to explain the kind of block this is.
>
> Is there a bug to have that changed?
There's an Add-ons Work Week planned for early June where we will discuss a number of changes to the blocklist mechanism. I'll make sure this is brought up.
Reporter | ||
Comment 45•13 years ago
|
||
(In reply to Jorge Villalobos [:jorgev] from comment #39)
> The notification bar "block" is live now:
> https://addons.mozilla.org/en-US/firefox/blocked/p94
Since this block is out of the ordinary, let's verify that things are working as expected. Adding qawanted to verify that this is fixed.
Keywords: qawanted
Comment 46•13 years ago
|
||
(In reply to chris hofmann from comment #42)
> Kairo has a report running as well.
FYI, my reports are e.g. https://crash-analysis.mozilla.com/rkaiser/2012-05-22/2012-05-22.firefox.12.0.flashhangs.html - they separately look at how Flash hangs and crashes spread across Flash versions and compare if a versions gets a higher percentage of crashes or hangs.
Comment 47•13 years ago
|
||
According to some people I've talked to, updating the Flash plugin for Windows not only installs Google Chrome but also set it up as the default browser. So I guess we're losing those crashes one way or another :\
Just wanted to point this out as an unwanted side effect of these blocks (and the Adobe plugin in general).
Comment 48•13 years ago
|
||
(In reply to Alex Keybl [:akeybl] from comment #45)
> (In reply to Jorge Villalobos [:jorgev] from comment #39)
> > The notification bar "block" is live now:
> > https://addons.mozilla.org/en-US/firefox/blocked/p94
>
> Since this block is out of the ordinary, let's verify that things are
> working as expected. Adding qawanted to verify that this is fixed.
This is fixed in production. Tested with Fx12 and Fx3.6.28 on Windows XP. When you play a video in youtube.com using a version of Flash <= 10.2.159.1 you get the notification bar. If you are up to date, there's no notification bar.
Comment 49•13 years ago
|
||
Since May 23th and Shockwave Flash 10.1 r102 blocked, I cannot use Firefox 3.0.5 properly.
Anyway, I'm working without problem since years on Mac Mini PowerPC G4. Acctually it is not possible to upgrade Shockwave Flash 10.1 r102 on my Mac.
How can I reactivate Shockwave Flash 10.1 r102 please?
Comment 50•13 years ago
|
||
broc@swing.be:
switch extensions.blocklist.enabled in about:config (enter as url) to false and remove the file blocklist.xml in your firefox profile.
Comment 51•13 years ago
|
||
(In reply to Matthias Versen (Matti) from comment #50)
> broc@swing.be:
> switch extensions.blocklist.enabled in about:config (enter as url) to false
> and remove the file blocklist.xml in your firefox profile.
Great! Tks you very much!
Comment 52•13 years ago
|
||
(In reply to broc from comment #49)
> Since May 23th and Shockwave Flash 10.1 r102 blocked, I cannot use Firefox
> 3.0.5 properly.
We didn't block Flash at all in this bug. We only added display of a notification bar. One possibility is that your ancient and insecure Firefox 3.0 doesn't know about the different severities in the blocklist and therefore interprets our action as a block.
Even on a G4 I guess you should be able to run at least Firefox 3.6 or even TenFourFox, at least if you have OSX 10.4 or even 10.5 installed.
In any case, using this Firefox version and any unmaintained OS version (which you pretty sure have, as Apple only maintains 10.6 and up at this time) is a big risk to your computer, your data and yourself. Turning the blocklist on or off doesn't make it worse, at least, you're heavily at risk in any case.
Comment 53•13 years ago
|
||
(In reply to Matthias Versen (Matti) from comment #50)
> broc@swing.be:
> switch extensions.blocklist.enabled in about:config (enter as url) to false
> and remove the file blocklist.xml in your firefox profile.
Matthias,
I've received many Mozilla webmaster emails from PPC users complaining about not being able to access many web pages now. Will changing the pref above allow Flash for them, or do they also need to remove the file also? Does this also affect Java?
Comment 54•13 years ago
|
||
Changing the pref will only stop Firefox from reloading the blocklist, which we strongly recommend against. If they want to remove the Flash block, they will need to change the pref *and* either delete the file (which will remove *all* blocks, including Java) or open it and remove entry p94, if they know what they're doing.
Comment 55•13 years ago
|
||
Thanks Jorge. These users can't update Flash or Java, and if Firefox won't work on web pages, they'll use Safari and forget about Firefox. I've had many already state, "Firefox doesn't work but Safari does, why?" As long as they have their old PPC's they can't update their plugins.
Comment 56•13 years ago
|
||
Using out of date versions of Firefox on operating systems that are no longer supported by their vendors means that these users, regardless of whether they are using Firefox or Safari, are likely to pick up malware and have their computers compromised sooner or later. It is a nasty Internet out there and out of support systems are going to get infected in all likelihood.
Comment 57•13 years ago
|
||
(In reply to Al Billings [:abillings] from comment #56)
> Using out of date versions of Firefox on operating systems that are no
> longer supported by their vendors means that these users, regardless of
> whether they are using Firefox or Safari, are likely to pick up malware and
> have their computers compromised sooner or later. It is a nasty Internet out
> there and out of support systems are going to get infected in all likelihood.
I understand that, as I'm a computer consultant. But blocking Firefox from being used will only frustrate users who have good working computers that can't afford to purchase a new one. And the likelihood of a PPC user getting malware is a lot less than a PC (note I said "less").
Comment 58•13 years ago
|
||
I posted the instructions in comment#50 only for this case:
Unsupported browser version,plugin version, OS version and hardware platform (PPC).
This users are already affected by the out of date browser and a vulnerable plugin will not add much additional security risk. I recommend to disable the infobar for firefox versions that did not block the plugin (bug 758294).
I know that i will get SPAM mails in the future from this botnet drones but PPC may limit this :-(
Comment 59•13 years ago
|
||
Duplicate of this bug: 761724
Comment 60•13 years ago
|
||
Has anyone else noticed that on Mac OS X, 10.6.8 clients, Firefox 3.05 or even current v12 (doesn't matter), does not correctly identify the version of flash.
We have v11+ and it says it in the add-ons section, but it still blocks this.
IT IS ONLY ON NETWORK HOMES - comapred to local home accounts.
The Local user admin works fine.
PLEASE HELP - schools - and managed networks are failing and resorting to safari.
Reporter | ||
Comment 61•13 years ago
|
||
(In reply to patrick.helm from comment #60)
> Has anyone else noticed that on Mac OS X, 10.6.8 clients, Firefox 3.05 or
> even current v12 (doesn't matter), does not correctly identify the version
> of flash.
>
> We have v11+ and it says it in the add-ons section, but it still blocks this.
>
> IT IS ONLY ON NETWORK HOMES - comapred to local home accounts.
>
> The Local user admin works fine.
>
> PLEASE HELP - schools - and managed networks are failing and resorting to
> safari.
On newer versions of Firefox that support the infobar 'block' (FF4 and up), we are only notifying the user that their version of Flash is vulnerable. We are not blocking Flash from use, merely notifying that it should be updated. If mistakenly displaying the out-of-date Flash notification bar is a critical issue for you all, I suggest you disable the blocklist check (as in comment 50).
I'm adding the qawanted keyword to see if we can test the combination of a 10.6.8 network home, FF13, and a Flash version >10.2.159.1, to verify your issue. Any additional info would be helpful - where Flash was installed, whether the application or just the profile was on the network home, etc. We'll file a separate bug if we end up reproducing the problem, and fix the problem on our end.
Firefox 3.0.5 is unsupported by Mozilla, and therefore we won't be investigating any further there.
tracking-firefox14:
--- → +
Keywords: qawanted
Comment 62•13 years ago
|
||
Hi,
Whilst i appreciate the quick response, I'm not sure if you noticed the specifics of the issue.
It's not the firefox version that's of interest here, it's the type of network/local account scenario that changes the behaviour.
In firefox v3 or v12 (no difference), via a network authenticated login on the Mac, the user has flash blocked even though it is 11.*
When logged in as a local admin on the machine, the behaviour is normal.
When logged in as a network admin, the behaviour is abnormal.
When logged in as a standard network user, the behaviour is abnormal.
The option to remove and edit 600+ individual profiles, unless you can tell me how to script on a mac, the change to the about:config section, is not viable.
I hope this helps the clarification.
If they can't replicate, I'll try to get you guys the specific flash version, it wasn't absolutely current, but when is it - they release new ones every second day - much like firefox :P
I re-read your post and realised you have understood the issue in the 2nd last paragraph.. so cheers.
Comment 63•13 years ago
|
||
Alex, would it be possible to forward your qawanted request on to the Enterprise Testers list? I believe Patrick's problem requires an environment where network authentication is required to gain access to the operating system. I don't believe we have access to this type of environment for testing.
I believe the testing should be:
1) As a local admin, install Firefox 13.0.1 and Flash 10.2.159.1, log out
2) As a network admin, start Firefox and check the Flash version in about:plugins
3) As a network user, start Firefox and check the Flash version in about:plugins
4) As a local admin, update to the latest Flash 11.3 and repeat steps 2 & 3
I would expect the Flash version to match correctly.
Reporter | ||
Comment 64•13 years ago
|
||
(In reply to Anthony Hughes, Mozilla QA (irc: ashughes) from comment #63)
> Alex, would it be possible to forward your qawanted request on to the
> Enterprise Testers list?
Done.
Comment 65•13 years ago
|
||
number of crash reports where 10.2.59.1 was reported is about 60% of what it was a few weeks ago.
date pct. count flash version
20120501 0.007 571 10.2.159.1
20120502 0.009 699 10.2.159.1
20120503 0.008 624 10.2.159.1
20120504 0.007 579 10.2.159.1
20120505 0.006 569 10.2.159.1
20120506 0.007 598 10.2.159.1
20120507 0.007 567 10.2.159.1
20120508 0.008 615 10.2.159.1
20120509 0.007 533 10.2.159.1
20120510 0.007 571 10.2.159.1
20120511 0.008 610 10.2.159.1
20120512 0.007 550 10.2.159.1
20120513 0.009 618 10.2.159.1
20120514 0.007 543 10.2.159.1
20120515 0.008 614 10.2.159.1
20120516 0.007 552 10.2.159.1
20120517 0.008 638 10.2.159.1
20120518 0.007 536 10.2.159.1
20120519 0.008 565 10.2.159.1
20120520 0.007 514 10.2.159.1
20120521 0.008 585 10.2.159.1
20120522 0.008 623 10.2.159.1
20120523 0.008 599 10.2.159.1
20120524 0.007 557 10.2.159.1
20120525 0.007 535 10.2.159.1
20120526 0.007 489 10.2.159.1
20120527 0.007 497 10.2.159.1
20120528 0.006 457 10.2.159.1
20120529 0.007 514 10.2.159.1
20120530 0.007 496 10.2.159.1
20120531 0.006 443 10.2.159.1
20120601 0.006 434 10.2.159.1
20120602 0.006 431 10.2.159.1
20120603 0.006 430 10.2.159.1
20120604 0.006 443 10.2.159.1
20120605 0.005 394 10.2.159.1
20120606 0.005 384 10.2.159.1
20120607 0.005 376 10.2.159.1
20120608 0.006 467 10.2.159.1
20120609 0.005 409 10.2.159.1
20120610 0.005 445 10.2.159.1
20120611 0.004 416 10.2.159.1
20120612 0.003 382 10.2.159.1
20120613 0.003 363 10.2.159.1
20120614 0.003 398 10.2.159.1
20120615 0.003 421 10.2.159.1
20120616 0.003 416 10.2.159.1
20120617 0.003 395 10.2.159.1
Reporter | ||
Updated•13 years ago
|
status-firefox14:
--- → fixed
Comment 66•13 years ago
|
||
I don't think we need qawanted on this bug anymore, removing it.
Keywords: qawanted
Comment 67•12 years ago
|
||
Loading 14.0.1 on Network Login style machine on Mac OS X 10.6.8 still causes the Adobe Flash Plugin to be disabled.
flash version 11.3.300.265.
Network account login fails.
Local account is ok.
Updated•10 years ago
|
status-firefox14:
fixed → ---
tracking-firefox14:
+ → ---
Assignee | ||
Updated•9 years ago
|
Product: addons.mozilla.org → Toolkit
You need to log in
before you can comment on or make changes to this bug.
Description
•