Closed
Bug 885362
Opened 12 years ago
Closed 12 years ago
Blocklist all Java versions up to 7u21, 6u45 and 5u45
Categories
(Toolkit :: Blocklist Policy Requests, defect)
Tracking
()
RESOLVED
FIXED
2013-07-04
People
(Reporter: alex_mayorga, Assigned: jorgev)
References
()
Details
Attachments
(1 file)
|
2.17 MB,
application/octet-stream
|
Details |
Please put up a block list for older Java versions given that based on the URL below:
"Oracle has released a June 2013 Critical Patch Update for Oracle Java SE. This Critical Patch Update is a collection of patches for multiple security vulnerabilities in Oracle Java SE. The update contains 40 new security vulnerability fixes, including a patch for Oracle JavaDoc frame injection vulnerability VU#225657. Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible.
The following versions of Oracle Java SE are affected:
JDK and JRE 7 Update 21 and earlier
JDK and JRE 6 Update 45 and earlier
JDK and JRE 5.0 Update 45 and earlier
JavaFX 2.2.21 and earlier"
|
Assignee | |
Comment 1•12 years ago
|
||
We should discuss a plan for this on the meeting today.
Assignee: nobody → jorge
QA Contact: anthony.s.hughes
|
|
Assignee | |
Comment 2•12 years ago
|
||
(In reply to alex_mayorga from comment #0)
> JDK and JRE 7 Update 21 and earlier
Latest version on java.com is U25, so we should block up to 24.
> JDK and JRE 6 Update 45 and earlier
OK.
> JDK and JRE 5.0 Update 45 and earlier
> JavaFX 2.2.21 and earlier"
We don't block either of those.
|
|
Assignee | |
Comment 3•12 years ago
|
||
Blocks are staged now:
Java Plugin 6 updates 42 to 45 (click-to-play), Linux
https://addons-dev.allizom.org/en-US/firefox/blocked/p355
Java Plugin 6 updates 42 to 45 (click-to-play), Windows
https://addons-dev.allizom.org/en-US/firefox/blocked/p353
Java Plugin 6 updates 42 to 45 (click-to-play), Mac OS X
https://addons-dev.allizom.org/en-US/firefox/blocked/p351
Java Plugin 7 update 16 to 24 (click-to-play), Linux
https://addons-dev.allizom.org/en-US/firefox/blocked/p349
Java Plugin 7 update 16 to 24 (click-to-play), Windows
https://addons-dev.allizom.org/en-US/firefox/blocked/p347
Java Plugin 7 update 16 to 24 (click-to-play), Mac OS X
https://addons-dev.allizom.org/en-US/firefox/blocked/p345
What's the deadline to have these in production? QA is pretty much focused 100% on signing off next week's releases and I can't guarantee a quick turn-around this week.
|
|
Assignee | |
Comment 5•12 years ago
|
||
It's not urgent. It can wait for next week (or the following week, if really necessary).
Thanks Jorge, I've coordinated some testing to occur within any free cycles we have outside of releases over the next week. I'll update this bug when results on staging are ready.
|
Reporter | |
Comment 7•12 years ago
|
||
(In reply to Jorge Villalobos [:jorgev] from comment #2)
> (In reply to alex_mayorga from comment #0)
> > JDK and JRE 7 Update 21 and earlier
>
> Latest version on java.com is U25, so we should block up to 24.
>
There's no such a thing as Java 7u24, see http://www.oracle.com/technetwork/java/javase/7u-relnotes-515228.html
|
|
Assignee | |
Comment 8•12 years ago
|
||
(In reply to alex_mayorga from comment #7)
> There's no such a thing as Java 7u24, see
> http://www.oracle.com/technetwork/java/javase/7u-relnotes-515228.html
Ah, I see, thanks. Doesn't matter, though, as long as it blocks everything under 25.
Testing on staging is complete and QA signs off:
https://wiki.mozilla.org/QA/Desktop_Firefox/Plugins/Blocklisting/Java#Staging
|
|
Assignee | |
Comment 10•12 years ago
|
||
The blocks are now live.
https://addons.mozilla.org/en-US/firefox/blocked/p412
https://addons.mozilla.org/en-US/firefox/blocked/p414
https://addons.mozilla.org/en-US/firefox/blocked/p416
https://addons.mozilla.org/en-US/firefox/blocked/p418
https://addons.mozilla.org/en-US/firefox/blocked/p420
https://addons.mozilla.org/en-US/firefox/blocked/p422
Status: NEW → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Target Milestone: --- → 2013-07-04
|
||
Comment 11•12 years ago
|
||
Hi
I wanted to post a comment that you have made a lack of infomation on the block page
Firstly I visit this page
https://addons.mozilla.org/en-US/firefox/blocked/p420
Where is the user friendly link to the Java download website?
Secondly "All users are strongly recommended to update on our plugin check page."
Great... visit the page:
https://www.mozilla.org/en-US/plugincheck/
The site says "Your Java is up to date"
Go back to a java enabled site. "Err... NO Mozilla has blocked java... Your still using an old version"
Suggestion
1. Please include a download link on block pages
2. Please update the Plugin "check up" site
|
|
||
Comment 12•12 years ago
|
||
Hi Adam,
Could you attach a screenshot of the '..blocked..' you are seeing? Do you see the '..blocked..' message on all Java enabled sites?
|
|
||
Comment 13•12 years ago
|
||
I don't have a screenshot Roger
Whats potentially happening people get the block message because Java or Firefox process is still running in the background. Meaning firefox will run an old version of java until the processes are reset or the computer reboots (easier and common method)
At the time Firefox was showing Java U21 version. Since I ran both 32/64bit version of Java update and restarted the computer the Java version changed in firefox
So in other words firefox still thought I was running the older version and therefore blocked me
My understanding from doing desktop support and desktop application deployments (SCCM).
1. Firstly install multiple version of java which could confuse Firefox/IE/Chrome Browser
2. Java fails to install when Firefox/IE running. Which could break things unless the process browser is stopped first before java install
Adam
|
|
||
Comment 14•12 years ago
|
||
The standard blocked message will come from Firefox
Best way to simulate this would be install firefox on a clean test box and run Java u21. Which is a blocked plugin version by firefox themselves
|
|
||
Comment 15•12 years ago
|
||
I've tested on production following versions of FF and java using for all of them Windows XP:
Firefox 25.0a1 & Java 7u25 (not blocked)
Firefox 24.0a2 & Java 7u21 (click-to-play)
Firefox 22.0 & Java 6u43 (click-to-play)
Firefox 21.0 & Java 6u41 (click-to-play)
I confirm all these versions metioned above work as expected without any issue!
For more information about our test please see:
https://wiki.mozilla.org/QA/Desktop_Firefox/Plugins/Blocklisting/Java#Production
|
|
||
Comment 16•12 years ago
|
||
I am unable to run Java on my PC, it seems I have no control at all over this issue,
|
|
||
Comment 17•12 years ago
|
||
Please see this video on how I am unable to use Java
|
|
||
Comment 18•12 years ago
|
||
(In reply to Frank Davis from comment #16)
> I am unable to run Java on my PC, it seems I have no control at all over
> this issue,
Please take your issue to support.mozilla.org
|
|
||
Comment 19•12 years ago
|
||
I am not able to open the game "Old School Runescape" because my java is out of date and it is impossible to download it and it tells me that the java toolkit is blocked. There is no way of me being able to install java.
|
|
||
Comment 20•12 years ago
|
||
Jessica, please head on over to support.mozilla.org so someone can help you with your issue.
|
||
Updated•9 years ago
|
Product: addons.mozilla.org → Toolkit
You need to log in
before you can comment on or make changes to this bug.
Description
•