QA/Desktop Firefox/Plugins/Blocklisting/Java: Difference between revisions

Jump to navigation Jump to search

QA/Desktop Firefox/Plugins/Blocklisting/Java (view source)

Revision as of 01:30, 25 June 2013

2,602 bytes removed ,  25 June 2013
no edit summary
(Created page with "== Summary == The following is a test plan to qualify blocklisting Oracle's Java plug-in due to the following [http://www.us-cert.gov/ncas/current-activity/2013/06/18/Oracle-J...")
 
No edit summary
Line 1: Line 1:
== Summary ==
== Summary ==
The following is a test plan to qualify blocklisting Oracle's Java plug-in due to the following [http://www.us-cert.gov/ncas/current-activity/2013/06/18/Oracle-Java-SE-Critical-Patch-Update-Announcement-June-2013 advisory]:
The following page tracks testing of various blocklists for the Java plug-in.


<pre>
=== Java 7u21 & 6u45 ===
Oracle has released a June 2013 Critical Patch Update for Oracle Java SE. This Critical Patch Update
* {{bug|885362}} Click-to-play block Java 7u21 & 6u45
is a collection of patches for multiple security vulnerabilities in Oracle Java SE. The update contains
* Test: [https://moztrap.mozilla.org/manage/case/6886/ Moztrap Test #6886]
40 new security vulnerability fixes, including a patch for Oracle JavaDoc frame injection vulnerability VU#225657.  
* Downloads: [http://www.oldapps.com/java.php oldapps.com]
Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply
Critical Patch Update fixes as soon as possible.


The following versions of Oracle Java SE are affected:
==== Staging ====
''NN'' signifies the minor version, try to use a different minor version each test
* Windows XP
** {{ok|}} Firefox 24.0a1 & Java 7u25 (not blocked)
** {{ok|}} Firefox 23.0a2 & Java 7u21 (click-to-play)
** {{ok|}} Firefox 22.0b6 & Java 6u43 (click-to-play)
** {{ok|}} Firefox 21.0 & Java 6u41 (click-to-play)
* Windows 7 64-bit
** {{ok|}} Firefox 23.0a2 & Java Java 7u25 (not blocked)
** {{ok|}} Firefox 22.0b5 & Java 7u17 (click-to-play)
** {{ok|}} Firefox 19.0 & Java 6u39 (click-to-play)
** {{ok|}} Firefox 17.0.6esr & Java 6u30 (click-to-play)
* Mac OSX 10.8
** {{ok|}} Firefox 19.0 & Java 7u25 (not blocked)
** {{ok|}} Firefox 23.0a2 & Java 7u10 (click-to-play)
** {{ok|}} Firefox 21.0b6 & Java 6u37 (click-to-play)
** {{ok|}} Firefox 17.0.5esr & Java 6u35 (click-to-play)


    JDK and JRE 7 Update 21 and earlier
==== Production ====
    JDK and JRE 6 Update 45 and earlier
    JDK and JRE 5.0 Update 45 and earlier
    JavaFX 2.2.21 and earlier
 
US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies
to determine which updates should be applied.
</pre>
 
''See also {{bug|885362}}''
 
== Instructions ==
* Steps to test blocklisting can be found in [https://moztrap.mozilla.org/manage/case/6886/ Moztrap]
* ''Step 3'' only applies for testing the ''staging'' server, skip this step if you are testing in ''production''
 
== Staging ==
=== Java 7 ===
{| class="querytable"
| class="header" style="width:25%" | Java Version
| class="header" style="width:25%" | Windows
| class="header" style="width:25%" | Mac OSX
| class="header" style="width:25%" | Linux
|-
| Java 7u25 (not blocked)
| {{done|}} Firefox 24 en-US
| {{done|}} Firefox 20 de
| {{done|}} Firefox 17esr es-ES
|-
| Java 7u24 (click-to-play)
| Firefox 23 de
| Firefox 19 es-ES
| Firefox 24 fr
|-
| Java 7u23 (click-to-play)
| Firefox 22 es-ES
| Firefox 18 fr
| Firefox 23 it
|-
| Java 7u22 (click-to-play)
| Firefox 21 fr
| Firefox 17 it
| Firefox 22 pt-BR
|-
| Java 7u21 (click-to-play)
| {{fail|}} Firefox 20 it (A)
| {{fail|}} Firefox 17esr pt-BR (A)
| Firefox 21 ro
|-
| Java 7u20 (click-to-play)
| Firefox 19 pt-BR
| Firefox 24 ro
| Firefox 20 ko
|-
| Java 7u19 (click-to-play)
| Firefox 18 ro
| Firefox 23 ko
| Firefox 19 zh-TW
|-
| Java 7u18 (click-to-play)
| Firefox 17 ko
| Firefox 22 zh-TW
| Firefox 18 ja
|-
| Java 7u17 (click-to-play)
| {{fail|}} Firefox 17esr zh-TW (A)
| {{fail|}} Firefox 21 ja (A)
| Firefox 17 en-US
|-
| Java 7u16 (click-to-play)
| Firefox 24 ja
| Firefox 20 en-US
| Firefox 17esr en-US
|}
*Notes
** (A) There is no click-to-play block, softblock and hardblock after following steps from 1-7 from [https://moztrap.mozilla.org/manage/case/6886/ Moztrap] test case. Expected results from Step 8 are not met.
 
=== Java 6 ===
{| class="querytable"
| class="header" style="width:25%" | Java Version
| class="header" style="width:25%" | Windows
| class="header" style="width:25%" | Mac OSX
| class="header" style="width:25%" | Linux
|-
| Java 6u46 (not blocked)
| Firefox 24 en-US
| Firefox 20 de
| Firefox 17esr es-ES
|-
| Java 6u45 (click-to-play)
| {{fail|}} Firefox 23 de
| Firefox 19 es-ES
| Firefox 24 fr
|-
| Java 6u44 (click-to-play)
| Firefox 21 fr
| Firefox 17 it
| Firefox 22 pt-BR
|-
| Java 6u43 (click-to-play)
| {{fail|}} Firefox 18 ro (A)
| Firefox 23 ko
| Firefox 19 zh-TW
|-
| Java 6u42 (click-to-play)
| Firefox 24 ja
| Firefox 20 en-US
| Firefox 17esr en-US
|}
*Notes
** (A) There is no click-to-play block, softblock and hardblock after following steps from 1-7 from [https://moztrap.mozilla.org/manage/case/6886/ Moztrap] test case. Expected results from Step 8 are not met.
 
== Production ==
Ashughes
Confirmed users
14,525

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/669869"

Navigation menu