>From an off-thread reply this is: https://addons.mozilla.org/en-US/firefox/blocked/p428
https://bugzilla.mozilla.org/show_bug.cgi?id=636633 We blocked all versions last year, since it was easier than trying to block only the vulnerable versions (https://bugzilla.mozilla.org/show_bug.cgi?id=636633#c8). There have since been versions released that apparently have no known vulnerabilities. It's not clear why some people in the bug are so up in arms about the overly broad block - is the plugin actually useful in ways we weren't aware of, or do people just not like seeing the "blocked" message unnecessarily? With click to play on by default we could probably remove the broad block, but we'd want to still block the known-vulnerable versions, which would require coming up with a regexp that matches only the right versions. Gavin On Fri, Jul 18, 2014 at 11:17 AM, Gavin Sharp <ga...@gavinsharp.com> wrote: > Which warning are you referring to exactly? Do you have a screenshot? > > Gavin > > On Fri, Jul 18, 2014 at 5:48 AM, JW Clements <m...@jwcca.com> wrote: >> The issue was resolved by Oracle some time ago. >> Continued display of this message is disconcerting to some people and >> unwarranted. >> It was a good thing when the vulnerability was first discovered but it's now >> a bad thing. >> >> Could some dev pick this up and clear that message? >> >> Thanks >> >> _______________________________________________ >> dev-platform mailing list >> dev-platform@lists.mozilla.org >> https://lists.mozilla.org/listinfo/dev-platform _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
