Closed
Bug 662460
Opened 13 years ago
Closed 13 years ago
Update Flash warning on the Firefox What's New page for Flash version 10.3.181.22
Categories
(www.mozilla.org :: General, defect)
www.mozilla.org
General
Tracking
(Not tracked)
VERIFIED
FIXED
2.8
People
(Reporter: kohei, Assigned: gauthierm)
Details
+++ This bug was initially created as a clone of Bug #651958 +++ via bug 662270. detect-flash.js should be updated. Note that the previous version was 10.3.181.14 and the latest version is 10.3.181.22. Because detect-flash.js only checks the major version, minor version and revision, it fails to detect the vulnerable version. We also have to check the *build number*. And one more thing: why not use navigator.plugins['Shockwave Flash'].version to detect the accurate version? The script is only used on the Firefox 3.6+ whatsnew pages, it could be so simple like this: http://mozilla.jp/js/mj/detect-flash.js
Updated•13 years ago
|
Assignee: nobody → cbrodigan
Reporter | ||
Comment 1•13 years ago
|
||
The XSS 0-day exploits are in the wild; please update the warning right now.
Severity: normal → critical
Summary: Update Flash Warning content on the Firefox What's New page for Flash version 10.3.181.22 → Update Flash warning on the Firefox What's New page for Flash version 10.3.181.22
Reassigning to Steven, as James is on PTO.
Assignee: cbrodigan → steven
Comment 3•13 years ago
|
||
I don't know much about this JS file. Kohei, are we ok to take what you've got in http://mozilla.jp/js/mj/detect-flash.js?
Updated•13 years ago
|
Assignee: steven → mike
Updated•13 years ago
|
Target Milestone: --- → 2.8
Comment 5•13 years ago
|
||
Kohei, it appears that the navigator.plugins[foo].version doesn't work on Linux. Can you confirm?
Assignee | ||
Comment 6•13 years ago
|
||
Added extra code to use the plugin description for Linux in r90340.
Comment 8•13 years ago
|
||
Yeah, big thanks Michael for that. I can push this as soon as it's been QA-ed.
Comment 9•13 years ago
|
||
qa-verified-trunk http://www-trunk.stage.mozilla.com/en-US/firefox/4.0/whatsnew/
Keywords: qawanted
Comment 10•13 years ago
|
||
pushed to production r90578
Comment 11•13 years ago
|
||
verified fixed http://www.mozilla.com/en-US/firefox/4.0/whatsnew/
Status: RESOLVED → VERIFIED
Updated•12 years ago
|
Component: www.mozilla.org/firefox → www.mozilla.org
Updated•12 years ago
|
Component: www.mozilla.org → General
Product: Websites → www.mozilla.org
You need to log in
before you can comment on or make changes to this bug.
Description
•