Closed
Bug 807258
Opened 12 years ago
Closed 12 years ago
the last Flash 10.3 versions (10.3.183.20 (August 2012) and above) are not CTP-blocked
Categories
(Toolkit :: Blocklist Policy Requests, defect)
Toolkit
Blocklist Policy Requests
Tracking
()
VERIFIED
FIXED
People
(Reporter: pauly, Unassigned)
References
Details
(Whiteboard: [plugin])
Now we have Flash Player below 10.3.183.19 blocked.
Since 10.3.183.29 is the latest 10.3 version, we should block anything below 10.3.183.29.
|
||
Updated•12 years ago
|
Component: Plug-ins → Blocklisting
OS: Windows 7 → All
Product: Core → addons.mozilla.org
Hardware: x86_64 → All
Whiteboard: [plugin]
Version: Trunk → unspecified
|
|
||
Comment 1•12 years ago
|
||
Adobe released Flash 10.3.183.43 (see http://www.adobe.com/support/security/bulletins/apsb12-24.html) making version 10.3.183.29 obsolete and vulnerable.
See also: http://helpx.adobe.com/flash-player/kb/archived-flash-player-versions.html#main_Archived_versions
Summary: Flash 10.3 versions (10.3.183.20, 10.3.183.23 and 10.3.183.25) are not blocked → Flash 10.3 versions (10.3.183.20, 10.3.183.23, 10.3.183.25, and 10.3.183.29) are not blocked
|
|
||
Comment 2•12 years ago
|
||
The latest CTP-blocked Flash 11 is 11.4.402.286 released on October 2012.
See http://helpx.adobe.com/flash-player/kb/archived-flash-player-versions.html
Thus, we allow Flash 10.3 versions with more vulnerabilities than in Flash 11.
Summary: Flash 10.3 versions (10.3.183.20, 10.3.183.23, 10.3.183.25, and 10.3.183.29) are not blocked → the last Flash 10.3 versions (10.3.183.20 (August 2012) and above) are not CTP-blocked
|
||
Comment 3•12 years ago
|
||
The new block is staged now: https://addons-dev.allizom.org/en-US/firefox/blocked/p281
Keywords: qawanted
(In reply to Jorge Villalobos [:jorgev] from comment #3)
> The new block is staged now:
> https://addons-dev.allizom.org/en-US/firefox/blocked/p281
Just to confirm this CTP blocks all Flash 10.3 versions from 10.3.183.20 to 10.3.183.63?
|
|
||
Comment 5•12 years ago
|
||
It CTP blocks all versions from 10.3.183.19 to 10.3.183.42, on Firefox 20 and above.
I think it is safe to push this to production based on the following results:
* Firefox 19.0 + Flash 10.3.183.29: NOT BLOCKED
* Firefox 20.0b1 + Flash 10.3.183.51: NOT BLOCKED
* Firefox 21.0a2 + Flash 10.3.183.20: CLICK-TO-PLAY
* Firefox 22.0a1 + Flash 10.3.183.25: CLICK-TO-PLAY
|
|
||
Comment 7•12 years ago
|
||
This block has just been pushed live: https://addons.mozilla.org/en-US/firefox/blocked/p290
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
(In reply to Jorge Villalobos [:jorgev] from comment #7)
> This block has just been pushed live:
> https://addons.mozilla.org/en-US/firefox/blocked/p290
Confirmed block is working as expected in production.
Status: RESOLVED → VERIFIED
Keywords: qawanted
|
Assignee | |
Updated•9 years ago
|
Product: addons.mozilla.org → Toolkit
You need to log in
before you can comment on or make changes to this bug.
Description
•