Closed
Bug 927273
Opened 11 years ago
Closed 11 years ago
Plugin block request: Java 7 up to Update 44
Categories
(Toolkit :: Blocklist Policy Requests, defect)
Toolkit
Blocklist Policy Requests
Tracking
()
RESOLVED
FIXED
People
(Reporter: cbook, Assigned: jorgev)
References
Details
(Whiteboard: [plugin])
see Bug 927057 - Java 7u45 was released and 7u45 contains fixes for security vulnerabilities (i guess this means that 7u40 is vulnerable etc)
So since we block the other old versions might might block 7u40 too
|
||
Comment 1•11 years ago
|
||
We are already CTP blocking all plugins except the latest Flash Player, no?
|
Assignee | |
Comment 3•11 years ago
|
||
(In reply to Masatoshi Kimura [:emk] from comment #1)
> We are already CTP blocking all plugins except the latest Flash Player, no?
Not yet, no. That's bug 914690 (for Java) and it's limited to Firefox 24 and above.
Assignee: nobody → jorge
|
|
Assignee | |
Comment 4•11 years ago
|
||
Blocked:
Java Plugin 7 update 25 to 44 (click-to-play), Mac OS X
https://addons.mozilla.org/en-US/firefox/blocked/p459
Java Plugin 7 update 25 to 44 (click-to-play), Windows
https://addons.mozilla.org/en-US/firefox/blocked/p458
Java Plugin 7 update 25 to 44 (click-to-play), Linux
https://addons.mozilla.org/en-US/firefox/blocked/p457
Status: NEW → RESOLVED
Closed: 11 years ago
Keywords: verifyme
QA Contact: anthony.s.hughes
Resolution: --- → FIXED
Ioana, please have someone on your team test this overnight tonight and reopen if the blocks aren't working. Thanks.
Flags: needinfo?(ioana.budnar)
|
||
Comment 6•11 years ago
|
||
Paul is the QA owner of CTP, so he'll take over this.
Flags: needinfo?(ioana.budnar)
|
||
Comment 7•11 years ago
|
||
(In reply to Masatoshi Kimura [:emk] from comment #1)
> We are already CTP blocking all plugins except the latest Flash Player, no?
you're talking probably about bug 899080, but that's normal blocking, we want vulnerable blocking for java
|
|
||
Comment 8•11 years ago
|
||
(In reply to Jorge Villalobos [:jorgev] from comment #4)
> Blocked:
>
> Java Plugin 7 update 25 to 44 (click-to-play), Mac OS X
> https://addons.mozilla.org/en-US/firefox/blocked/p459
>
> Java Plugin 7 update 25 to 44 (click-to-play), Windows
> https://addons.mozilla.org/en-US/firefox/blocked/p458
>
> Java Plugin 7 update 25 to 44 (click-to-play), Linux
> https://addons.mozilla.org/en-US/firefox/blocked/p457
Everything's ok on Win and Mac.
But this is NOT working on Linux. j7u25, j7u40 are not blocked.
Careful, j7u25 on Linux is called 1.7.0_25
j7u40 -> 10.40.2
j7u45 -> 10.45.2
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
What are the strings for these Java versions in about:plugins? Maybe the blocklist.xml regex isn't working.
|
|
Assignee | |
Updated•11 years ago
|
Summary: Plugin block request: Java 7u45 → Plugin block request: Java 7 up to Update 44
|
||
Comment 10•11 years ago
|
||
(In reply to Anthony Hughes, Mozilla QA (:ashughes) from comment #9)
> What are the strings for these Java versions in about:plugins? Maybe the
> blocklist.xml regex isn't working.
Nevermind, see https://bugzilla.mozilla.org/show_bug.cgi?id=914690#c17. We'll need to get the strings before moving ahead.
|
|
||
Comment 11•11 years ago
|
||
|
|
||
Comment 12•11 years ago
|
||
(In reply to Paul Silaghi, QA [:pauly] from comment #11)
> Done. https://wiki.mozilla.org/QA/Plugins/About:Plugins#Linux_2
Jorge, I trust the information provided by Paul is what you need to move forward with this?
Flags: needinfo?(jorge)
|
|
Assignee | |
Comment 13•11 years ago
|
||
Yes, that's enough to move forward with this.
Flags: needinfo?(jorge)
|
|
Assignee | |
Comment 14•11 years ago
|
||
I updated the regular expression for Linux. Please give it an hour or so and test again.
Status: REOPENED → RESOLVED
Closed: 11 years ago → 11 years ago
Resolution: --- → FIXED
|
|
||
Comment 15•11 years ago
|
||
This block appears to be working as expected for me.
Status: RESOLVED → VERIFIED
Keywords: verifyme
|
||
Comment 16•11 years ago
|
||
This block is ridiculous and prevents operation of many legitimate websites.
DEAR MORONS,
PLEASE REVERSE THE BLOCK ASAP, OR AT LEAST ALLOW THE USER TO ADD AN EXCEPTION.
UNLESS OF COURSE YOU WANT TO REDUCE YOUR USER BASE.
KIND REGARDS,
A. USER
|
|
||
Comment 17•11 years ago
|
||
(In reply to Jake from comment #16)
Jake, I respectfully ask that you familiarize yourself with https://bugzilla.mozilla.org/page.cgi?id=etiquette.html before leaving any more comments in Bugzilla.
Thank you.
|
||
Comment 18•11 years ago
|
||
https://addons.mozilla.org/en-US/firefox/blocked/p463 is wrong as it is blocking Java 7u45 that as far as the last critical patch update from Oracle at http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html is *NOT* vulnerable.
Please fix.
Status: VERIFIED → REOPENED
Resolution: FIXED → ---
|
Reporter | |
Comment 19•11 years ago
|
||
(In reply to alex_mayorga from comment #18)
> https://addons.mozilla.org/en-US/firefox/blocked/p463 is wrong as it is
> blocking Java 7u45 that as far as the last critical patch update from Oracle
> at http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html
> is *NOT* vulnerable.
>
> Please fix.
different issue - its not that bug, its https://bugzilla.mozilla.org/show_bug.cgi?id=914690 - please see there comment #50
|
||
Updated•11 years ago
|
Status: REOPENED → RESOLVED
Closed: 11 years ago → 11 years ago
Resolution: --- → FIXED
|
||
Updated•9 years ago
|
Product: addons.mozilla.org → Toolkit
You need to log in
before you can comment on or make changes to this bug.
Description
•