Closed Bug 1608238 Opened 5 years ago Closed 5 years ago

Firefox - Updater: Allow the Download of Multiple Updates during a Single Browser Session as they become Available

Categories

(Toolkit :: Application Update, enhancement)

Product:
Toolkit
Component:
Application Update
Version:
71 Branch
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 353804

People

(Reporter: elliottabarnes, Unassigned)

Details

User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0

Steps to reproduce:

I'd like to preface the following by stating that I unfortunately don't have much knowledge on the background of the Firefox Updater and the specifics of how it works, so my apologies if this suggestion is already in the pipeline or has previously been discussed; I haven't been able to find a similar issue if that's the case.

Assume the following:

  1. A user is running an older build of Firefox and has automatic updates enabled. During the current browser session, a new version of the browser is released and Firefox downloads this update in the background, and when complete displays a notification to the user advising that the update will be installed upon a restart of the browser. The user chooses to ignore this notification, and continues browsing

  2. Several hours later, a new security vulnerability is discovered that is widely being used to target users and as a result, a new point version of Firefox is released - due to the fact that there is already a pending update waiting to be installed, the user will only be made aware of this additional update the next time that Firefox is restarted and not during their current browsing session

The risk of the current approach that the Updater uses is that in the above example, this particular machine is more likely to be infected due to two updates needing to be performed; the original, and the newer point release that contains the mentioned security fix. However, the point release will only begin to download after the first update is installed, and not before.

Actual results:

N/A

Expected results:

To provide a safeguard in these situations, it may be useful for the Updater to check for new updates every couple of hours and if found, remove the pending update and download the newer one in its place so that when the browser is next restarted, the latest update is installed. Again, as mentioned I'm not sure if this is possible with the current implimentation, but thought it may be worth suggesting - for discussion/thoughts if nothing else.

Bugbug thinks this bug should belong to this component, but please revert this change in case of error.

Component: Untriaged → Application Update
Product: Firefox → Toolkit
Status: UNCONFIRMED → RESOLVED
Closed: 5 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.