Closed Bug 786439 Opened 12 years ago Closed 11 years ago

Add a warning to plugincheck to reflect known vulnerable plugins

Categories

(Websites :: plugins.mozilla.org, defect)

x86_64
Windows 7
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 570363

People

(Reporter: ygjb, Unassigned)

References

Details

There is currently a 0-day available for Java  7.0.60.24.  Visiting http://www.mozilla.org/en-US/plugincheck/ notifies a user that the plugin is up to date, which may result in users thinking that they are protected.

When a plugin is known to be vulnerable, it should be flagged with a warning so that users are aware that even though they have the most recent version, they are still vulnerable.
Component: Plugin Finder Service → plugins.mozilla.org
Product: Toolkit → Websites
ok i think the best solution so far is that we can mark the java 7 plugins as vulnerable because of the current situation.

cc'ing some webdev folks in case we make this much nicer since i think its a special situation here where the plugin itself is latest but vulnerable and no vendor update so far...maybe a infobar would be nice again?
ok plugincheck is updated with the vulnerable information
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.