Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

ძიება მხარდაჭერაში

ნუ გაებმებით თაღლითების მახეში მხარდაჭერის საიტზე. აქ არასდროს მოგთხოვენ სატელეფონო ნომერზე დარეკვას, შეტყობინების გამოგზავნას ან პირადი მონაცემების გაზიარებას. გთხოვთ, გვაცნობოთ რამე საეჭვოს შემჩნევისას „დარღვევაზე მოხსენების“ მეშვეობით.

ვრცლად

Foxit Reader Plugin for Mozilla 2.2.3.111 blocked while blocklist.xml tops out at maxVersion="2.2.1.530"

  • 2 პასუხი
  • 61 მომხმარებელი წააწყდა მსგავს სიძნელეს
  • 2 ნახვა
  • ბოლოს გამოეხმაურა keith20mm

Attempting to open a .pdf with Firefox 18.0, and having Foxit Reader Plugin for Mozilla 2.2.3.111 installed, I receive the gray lego piece page with text "The plugin is vulnerable and should be updated/Check for updates/Click here to activate the Foxit Reader for Mozilla plugin"

I look into the blocklist.xml file and find the plugin item:

     <pluginItem  blockID="p250">
                 <match name="filename" exp="npFoxitReaderPlugin\.dll" />                      <versionRange  minVersion="0" maxVersion="2.2.1.530" severity="0" vulnerabilitystatus="2"></versionRange>
                 </pluginItem>


Next, I view installed plugins and find: Foxit Reader Plugin for Mozilla 2.2.3.111, and it is not disabled.

My first question is why, when the installed plugin version is 2.2.3.111, and the blocklist maxVersion is 2.2.1.530, do I receive any kind of plugin blocked page?

My second question is "is there any method or technique so specifically unblock a particular plugin, without affecting any other plugin?"

I force-reinitialized the blocklist.xml file and database.

Currently, I am running extensions.blocklist.enabled false, to sidestep this exact problem, but would definitely prefer to have this set true.

Thanks.

Attempting to open a .pdf with Firefox 18.0, and having Foxit Reader Plugin for Mozilla 2.2.3.111 installed, I receive the gray lego piece page with text "The plugin is vulnerable and should be updated/Check for updates/Click here to activate the Foxit Reader for Mozilla plugin" I look into the blocklist.xml file and find the plugin item: <pluginItem blockID="p250"> <match name="filename" exp="npFoxitReaderPlugin\.dll" /> <versionRange minVersion="0" maxVersion="2.2.1.530" severity="0" vulnerabilitystatus="2"></versionRange> </pluginItem> Next, I view installed plugins and find: Foxit Reader Plugin for Mozilla 2.2.3.111, and it is not disabled. My first question is why, when the installed plugin version is 2.2.3.111, and the blocklist maxVersion is 2.2.1.530, do I receive any kind of plugin blocked page? My second question is "is there any method or technique so specifically unblock a particular plugin, without affecting any other plugin?" I force-reinitialized the blocklist.xml file and database. Currently, I am running extensions.blocklist.enabled false, to sidestep this exact problem, but would definitely prefer to have this set true. Thanks.

ყველა პასუხი (2)

See:

  • bug 828982 - Plugin block request: Foxit Reader Plugin 2.2.1.530 and below due to critical vulnerability

(please do not comment in bug reports: https://bugzilla.mozilla.org/page.cgi?id=etiquette.html)

Hi cor-el,

I did see the bug report, that relates to 2.2.1.530 AND BELOW.

The current installed plugin is 2.2.3.111, which is ABOVE 2.2.1.530, hence the blocklist should not apply, since its setting "maxVersion", apparently the maximum version to which the block list should apply, is 2.2.1.530.

Thank your for looking into this, though.

Possibly I do not understand the maxVersion property in the .xml?