Форум поддержки Корпоративный Firefox

Why isn't firefox ESR 102.1 available for download via this link, it still downloads 91.12 which has vulnerabilities. https://www.mozilla.org/en-US/firefox/enterprise/ I found it after digging around but it was a hassel.

Hello, Qualys is detecting Vulnerabilites on our Firefox ESR 91.12 Versions which were patched by MFSA2022-29.

It is showing Vulnerabilities because MFSA2022-30 lists CVE's for ESR 102.X and we are on 91.12.

Is there anywhere I can go to get a list of all Vulnerabilities on 91.X to show our Security team, I believe CVE-2022-36314 and CVE-2022-2505 are not present in 91.12 because they are not listed in https://www.mozilla.org/en-US/security/advisories/mfsa2022-29/ but need evidence

Thank You,

I am deploying Mozilla Firefox using Intune. The application is deployed no problem but there is always the error in Intune portal. I was told that Mozilla Firefox has custom return codes to indicate post-installation behavior. That is why though the application itself is installed and works properly on the device, Intune portal does not know the status of the installation and gives the error. This error causes a lot of issues to the further application management. Dose any one knows what those codes are? Or maybe can point into the correct direction on how to get them. Thank you.

I am an administrator at a university and we use Blackboard and Zoom as a couple of the tools at our university. We install Firefox on all of our PCs across campus. After a recent update, when our instructors try to launch Zoom using the integration setup in Blackboard, the meeting fails to launch. We have found that disabling Enhanced Protection fixes this issue. Is there a way to add this exception to an install file that can be sent across many PCs on our campus? We have hundreds of PCs and going from one to another to install this exception would not be practical.

Do you have any suggestions? Justin

Hi We have had FF ers for some time. The old "no longer employed" sccm manager had the 64 bit version install in the x86 dir. We are now trying to use Qualys for patching. How can i move the 12k users bookmarks to the correct install path so Qualys can update when needed. Thanks TJ

Steps:

• Open Linux server via VNC
• Open Firefox
• Search the term "test"

Issue:

• The google result page doesn't fit into the window and has a horizontal scrollbar to see content on the right hand side

Note: I need my website to fit into browser properly at 100%(default) zoom itself for the purpose of automation because changing zoom level via selenium automation to press ctrl and minus 3 times causes unexpected behavior like even though value is filled in a textbox, it doesn't get sent in the API request payload. (Python 3.4.3, Selenium 3.12.0, GeckoDriver 0.31.0)

Versions:

• Ubuntu 14.04.6
• Firefox 91.13.0ESR
• VNC: Tight VNC Viewer 2.8.63 OR Real VNC Viewer 6.22.515

We have about 35 versions of firefox running across the enterprise (38 to 91) and I have been tasked to update the EOL dates for all versions we have to help bring things up to speed and know what is/is not supported.

I found this page with release dates (https://www.mozilla.org/en-US/firefox/releases/) but nothing about when a version has reached it's EOL. Any help would be appreciated.

Hi, Background: a few months ago I had to redeploy the CA for a network I manage. I was able to do so and publish the new intermediate CA's cert via Active Directory. Since then, I've updated certs on webhosts with certs from the new CA. Whenever a user uses FF (version 91.12.0) to browse to a site with the newly signed cert, I get an error stating "sec_error_ocsp_old". I've been able to temporarily advise users to disable OCSP Validation in FF security settings, but I'd REALLY like to fix this.

Other browsers (Edge, Chrome, Opera) all load the sites without issue.

Using this the below article, I double checked the time settings on the CA, Webserver, and clients: https://support.mozilla.org/en-US/kb/troubleshoot-time-errors-secure-websites

All the machines/VMs in question show the same time source, time, time zone, and sync interval.

I'm at a loss for what is happening. Any help would be greatly appreciated.

Hello, ever since we moved endpoints from Firefox ESR 91.13 to 102.3, it has become impossible to play any media with Firefox.

No video will play in youtube, for instance (it just loads endlessly as if it would start, but it doesn't).

Can't use radio websites either. Anything with a "play" button (video or sound) does nothing.

This has been tested with a clean profile, a clean install, after allowing autoplay in the settings.

Is there any info on what exactly changed between ESR 91 and 102 that might explain this ? There has been no system change, If I reinstall 91 instead it works again as usual.

No issues anywhere else on the endpoints (Edge, Windows), this is on Windows 10 if it makes any difference.

Tanks for any help on this.

Environment:

• Version: 102.3.0esr
• Build ID: 20220912135840
• OS: Windows_NT 10.0 19044

Issue: I had Firefox window 1 opened in virtual desktop 1, then I switched to virtual desktop 2 and open Firefox window 2 there. After using window 2 for some time, I switched back to virtual desktop 1 and found Firefox window 1 was gone. I checked `about:support` page but found no crash report there. I don't know what's going wrong.

Hello,

I'm trying to deploy Firefox with several languages.

I followed the guide on [https://support.mozilla.org/en-US/kb/deploying-firefox-language-packs].

Everything work fine until I set up ExtensionSettings policy. This policy hide and block languages menu.

After scratching my head for a while, I finally figured out how to do it. I would to like to know if an easier way to whitelist all locales and dictionaries. I would like to only control the extensions.

<enabled/> <data id="ExtensionSettings" value=' {

 "*": {
   "blocked_install_message": "Blocked by your administrator.",
   "installation_mode": "blocked",
   "allowed_types": ["extensions", "dictionary", "locale"]
 },
 "uBlock0@raymondhill.net": {
   "installation_mode": "force_installed",
   "install_url": "https://addons.mozilla.org/firefox/downloads/latest/ublock-origin/latest.xpi"
 },

"qwantcomforfirefox@jetpack": {

   "installation_mode": "force_installed",
   "install_url": "https://addons.mozilla.org/firefox/downloads/file/3658805/latest.xpi"

}, "langpack-en-CA@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-en-GB@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-en-US@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-es-AR@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-es-CL@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-es-ES@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-es-MX@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-fr@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-pt-BR@firefox.mozilla.org": {

 "installation_mode": "allowed"

}, "langpack-pt-PT@firefox.mozilla.org": {

 "installation_mode": "allowed"

} }'/>

Thank you

Hi, trying to setup local update server for Firefox, and I hit on a problem:

Was testing on my PC which has for multiple reasons "normal" Firefox and get to the point where updates from local server are working, but then tried to test the PC where the ESR version is installed - was expecting the update will not be found, and I would download the MAR files for ESR, edit the update.xml.... but the ESR Firefox found and downloaded the "normal" update, but of course could not install it.

Is there a way to set in XML file that one update is only for ESR and another for Rapid release version of Firefox? How to setup local update server for both channels simultaneously?

Another minor question - is there a simple way how to get buildID for/from downloaded prebuild MAR file? Without it the in the XML file update process don't work correctly and only place I found it so far is in source code for that build.

Thanks.

I'm trying to configure the "Extension Management" policy for firefox in my company. We have 14 addons to manage. using JSON this will end to a line of about 2500 characters.

when I try to copy the code into the gpo I get a message telling me the limit is 2048 characters.

Is there a way to baypass this limitation ?

thank you

Hello,

I am managing Firefox for a very large organization. We have several extension that we deploy using registry keys and we don't allow users to install additional addons. However, since version 102.3 I noticed some extensions that are present on the machine as .xpi files, but should not install unless a specific application is also present, are also being activated. They are enabled in the add-on manager, the information is present in the "extensions.json" and "extension-preferences.json" files. This should not happen. Is there any way to prevent the activation of these files?

Thank you!

I posted this previously and got zero response and the post is now archived. Hoping for better luck this time.

We have rolled Firefox ESR to all of our computers. On some of them the Maintenance Service is working correctly and installing updates with no user interaction. On other computers, users are getting a UAC prompt to enter admin credentials to install updates. I have tried various changes that I have found across the web from Deleting the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MozillaMaintenance\Security to uninstalling and re-installing the Maintenance Service. All of the users/computers have the same policies applied via Group Policy (Application Autoupdate: Enabled and Disable Update: Disabled) and are not local admins.

Nessus, Qualys, IBM Big Fix security scans constantly pick up firefox vulnerabilities. What we find is that either users have deleted the Firefox background update task or on servers, it never gets put onto the task scheduler. All other browsers have a channel update in the GPO files that ensure they are kept up to date and never show up in our scans. When will firefox put out similar channel GPOs and quit relying on the differently named task that we can't put into a group policy task scheduler, but constantly find firefox vulnerabilities from users that have deleted it so that group policy does not take effect.

Im working on a deployment package for Mozilla Firefox 106.0.1 when launching Firefox on a brand new user it automatically creates a shortuct for private browsing. Im looking for a way to disable this as the package im creating is an appv package and this new shortcut installs in users profile, so it won't be uninstalled. I have searched google but cant find any hits.

We have the following for customization: Application directory\defaults\pref: localsettings.js with these settings: pref("general.config.obscure_value", 0); // only needed if you do not want to obscure the content with ROT-13 pref("general.config.filename", "mozilla.cfg");

Application directory\mozilla.cfg with these settings: // Don't show WhatsNew on first run after every update pref("browser.startup.homepage_override.mstone","ignore");

// Don't show 'know your rights' on first run pref("browser.rights.3.shown", true);

// Disable Policy Notice on First Run pref("toolkit.telemetry.reportingpolicy.firstRun", false);

// Disable checkDefaultBrowser lockPref("browser.shell.checkDefaultBrowser", false);

Application directory\distribution\policies.json with the following settings: {

 "policies": {
   "DisableAppUpdate": true,

"DontCheckDefaultBrowser": true } }

Is there a corresponding GPO for this setting? I have been unable to find it and searching hasn't yielded much help.

I'm on 102 ESR with up to date admx files. This would be super helpful!

Thanks!

I recently deployed Mozilla Firefox 102.4 ESR here in our environment expecting that when a new version is released Firefox would automatically update on clients computers. Well today I noticed at a new release is out but isn't automatically updating on end users workstations. Does Firefox ESR not automatically update?