Closed
Bug 520326
Opened 15 years ago
Closed 15 years ago
Quicktime 7.6.3 reported Potentially Vulnerable for Snow Leopard
Categories
(addons.mozilla.org Graveyard :: Plugins, defect)
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: Mardak, Unassigned)
References
Details
https://www-trunk.stage.mozilla.com/en-US/plugincheck/ The latest version of Quicktime X for Snow Leopard seems to be interally versioned as 7.6.3. The Apple website for quicktime only has 7.6.4 for Leopard and Tiger, and there's no update for Snow Leopard.
Comment 1•15 years ago
|
||
We need the JSON file to have a 7.6.3.0 that is returned as latest when the clientOS=Intel+Mac+OS+X+10.6 I've added this object to the releases property: { "version": "7.6.3.0", "guid": "{a42bb825-7eee-420f-8ee7-834062b6fefd}", "os_name": "mac os x 10.6", "status": "latest" } Making the request only returns 7.6.4.0 jsonp1254630926594([{"aliases":{"regex":[".*QuickTime.*"],"literal":["QuickTime Plug-in"]},"releases":{"latest":{"pfs_id":"apple-quicktime","name":"QuickTime Plug-in","vendor":"Apple","url":"http:\/\/www.apple.com\/quicktime\/download\/","status":"latest","guid":"{a42bb825-7eee-420f-8ee7-834062b6fefd}","version":"7.6.4.0","manual_installation_url":"http:\/\/www.apple.com\/quicktime\/download\/","modified":"2009-10-06T07:25:38+00:00","app_id":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","app_release":"*","app_version":"*","locale":"*","os_name":"mac"},"others":[]}}]) changing the os value to '10.6' didn't work changing the os value to 'mac' does of course return : jsonp1254630926594([{"aliases":{"regex":[".*QuickTime.*"],"literal":["QuickTime Plug-in"]},"releases":{"latest":{"pfs_id":"apple-quicktime","name":"QuickTime Plug-in","vendor":"Apple","url":"http:\/\/www.apple.com\/quicktime\/download\/","status":"latest","guid":"{a42bb825-7eee-420f-8ee7-834062b6fefd}","version":"7.6.4.0","manual_installation_url":"http:\/\/www.apple.com\/quicktime\/download\/","modified":"2009-10-06T07:24:22+00:00","app_id":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","app_release":"*","app_version":"*","locale":"*","os_name":"mac"},"others":[{"pfs_id":"apple-quicktime","name":"QuickTime Plug-in","vendor":"Apple","url":"http:\/\/www.apple.com\/quicktime\/download\/","status":"latest","guid":"{a42bb825-7eee-420f-8ee7-834062b6fefd}","version":"7.6.3.0","manual_installation_url":"http:\/\/www.apple.com\/quicktime\/download\/","modified":"2009-10-06T07:24:22+00:00","app_id":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","app_release":"*","app_version":"*","locale":"*","os_name":"mac"}]}}]) What is the correct way to enter the info so that * Mac OS X 10.6 gets 7.6.3.0 as the latest * Other Mac OS X get 7.6.4.0 as the latest
Comment 2•15 years ago
|
||
r52938 should fix this. The first thing is that the OS needs to be an exact (though lower-case) match: { "version": "7.6.3.0", "guid": "{a42bb825-7eee-420f-8ee7-834062b6fefd}", "os_name": "intel mac os x 10.6", "status": "latest" } The second thing is that I needed to rework the relevance handling a bit to allow what looks like a lesser version to preempt another version that's a less exact OS match
Comment 3•15 years ago
|
||
Actually, that second point is not quite right. The server doesn't do any version comparisons. The real issue was that it wasn't properly prioritizing exact matches of OS names as more relevant than less exact or wildcard matches
Comment 4•15 years ago
|
||
Looks like staging is reporting the correct thing now: Portafilter:~/devel/mozilla/pfs2 lorchard$ curl -s 'http://pfs2.stage.mozilla.com/?mimetype=application/sdp&appID=%7Bec8030f7-c20a-464f-9b0e-13a3a9e97384%7D&appVersion=2008052906&appRelease=3.5&clientOS=Intel+Mac+OS+X+10.5&chromeLocale=ja-JP' ; echo [{"aliases":{"regex":[".*QuickTime.*"],"literal":["QuickTime Plug-in"]},"releases":{"latest":{"pfs_id":"apple-quicktime","name":"QuickTime Plug-in","vendor":"Apple","url":"http:\/\/www.apple.com\/quicktime\/download\/","status":"latest","guid":"{a42bb825-7eee-420f-8ee7-834062b6fefd}","version":"7.6.4.0","manual_installation_url":"http:\/\/www.apple.com\/quicktime\/download\/","modified":"2009-10-06T22:50:01+00:00","app_id":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","app_release":"*","app_version":"*","locale":"*","os_name":"mac","relevance":4},"others":[]}}] Portafilter:~/devel/mozilla/pfs2 lorchard$ curl -s 'http://pfs2.stage.mozilla.com/?mimetype=application/sdp&appID=%7Bec8030f7-c20a-464f-9b0e-13a3a9e97384%7D&appVersion=2008052906&appRelease=3.5&clientOS=Intel+Mac+OS+X+10.6&chromeLocale=ja-JP' ; echo [{"aliases":{"regex":[".*QuickTime.*"],"literal":["QuickTime Plug-in"]},"releases":{"latest":{"pfs_id":"apple-quicktime","name":"QuickTime Plug-in","vendor":"Apple","url":"http:\/\/www.apple.com\/quicktime\/download\/","status":"latest","guid":"{a42bb825-7eee-420f-8ee7-834062b6fefd}","version":"7.6.3.0","manual_installation_url":"http:\/\/www.apple.com\/quicktime\/download\/","modified":"2009-10-06T22:50:01+00:00","app_id":"{ec8030f7-c20a-464f-9b0e-13a3a9e97384}","app_release":"*","app_version":"*","locale":"*","os_name":"intel mac os x 10.6","relevance":7},"others":[]}}]
Status: NEW → RESOLVED
Closed: 15 years ago
Resolution: --- → FIXED
Comment 6•15 years ago
|
||
Edward, can you confirm that this is now fixed for you? Thanks!
Reporter | ||
Comment 7•15 years ago
|
||
Verified using production (trunk seems broken): https://www.mozilla.com/en-US/plugincheck/
Status: RESOLVED → VERIFIED
Comment 8•15 years ago
|
||
(In reply to comment #7) Bug#522145 - trunk only appears broken
Assignee | ||
Updated•8 years ago
|
Product: addons.mozilla.org → addons.mozilla.org Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•