QA/Desktop Firefox/Plugins/Blocklisting/Java

From MozillaWiki
< QA‎ | Desktop Firefox‎ | Plugins/Blocklisting
Revision as of 01:13, 25 June 2013 by Ashughes (talk | contribs) (Created page with "== Summary == The following is a test plan to qualify blocklisting Oracle's Java plug-in due to the following [http://www.us-cert.gov/ncas/current-activity/2013/06/18/Oracle-J...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Summary

The following is a test plan to qualify blocklisting Oracle's Java plug-in due to the following advisory: 

 Oracle has released a June 2013 Critical Patch Update for Oracle Java SE. This Critical Patch Update 
 is a collection of patches for multiple security vulnerabilities in Oracle Java SE. The update contains 
 40 new security vulnerability fixes, including a patch for Oracle JavaDoc frame injection vulnerability VU#225657. 
 Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply 
 Critical Patch Update fixes as soon as possible.

 The following versions of Oracle Java SE are affected:

    JDK and JRE 7 Update 21 and earlier
    JDK and JRE 6 Update 45 and earlier
    JDK and JRE 5.0 Update 45 and earlier
    JavaFX 2.2.21 and earlier

 US-CERT encourages users and administrators to review the bulletin and follow best-practice security policies 
 to determine which updates should be applied.

See also bug 885362

Instructions

  • Steps to test blocklisting can be found in Moztrap
  • Step 3 only applies for testing the staging server, skip this step if you are testing in production

Staging

Java 7

Java Version Windows Mac OSX Linux
Java 7u25 (not blocked) [DONE] Firefox 24 en-US [DONE] Firefox 20 de [DONE] Firefox 17esr es-ES
Java 7u24 (click-to-play) Firefox 23 de Firefox 19 es-ES Firefox 24 fr
Java 7u23 (click-to-play) Firefox 22 es-ES Firefox 18 fr Firefox 23 it
Java 7u22 (click-to-play) Firefox 21 fr Firefox 17 it Firefox 22 pt-BR
Java 7u21 (click-to-play) [FAIL] Firefox 20 it (A) [FAIL] Firefox 17esr pt-BR (A) Firefox 21 ro
Java 7u20 (click-to-play) Firefox 19 pt-BR Firefox 24 ro Firefox 20 ko
Java 7u19 (click-to-play) Firefox 18 ro Firefox 23 ko Firefox 19 zh-TW
Java 7u18 (click-to-play) Firefox 17 ko Firefox 22 zh-TW Firefox 18 ja
Java 7u17 (click-to-play) [FAIL] Firefox 17esr zh-TW (A) [FAIL] Firefox 21 ja (A) Firefox 17 en-US
Java 7u16 (click-to-play) Firefox 24 ja Firefox 20 en-US Firefox 17esr en-US
  • Notes
    • (A) There is no click-to-play block, softblock and hardblock after following steps from 1-7 from Moztrap test case. Expected results from Step 8 are not met.

Java 6

Java Version Windows Mac OSX Linux
Java 6u46 (not blocked) Firefox 24 en-US Firefox 20 de Firefox 17esr es-ES
Java 6u45 (click-to-play) [FAIL] Firefox 23 de Firefox 19 es-ES Firefox 24 fr
Java 6u44 (click-to-play) Firefox 21 fr Firefox 17 it Firefox 22 pt-BR
Java 6u43 (click-to-play) [FAIL] Firefox 18 ro (A) Firefox 23 ko Firefox 19 zh-TW
Java 6u42 (click-to-play) Firefox 24 ja Firefox 20 en-US Firefox 17esr en-US
  • Notes
    • (A) There is no click-to-play block, softblock and hardblock after following steps from 1-7 from Moztrap test case. Expected results from Step 8 are not met.

Production

Retrieved from "https://wiki.mozilla.org/index.php?title=QA/Desktop_Firefox/Plugins/Blocklisting/Java&oldid=669864"