Add a warning to plugincheck to reflect known vulnerable plugins

RESOLVED DUPLICATE of bug 570363

Status

Websites
plugins.mozilla.org
RESOLVED DUPLICATE of bug 570363
6 years ago
4 years ago

People

(Reporter: ygjb, Unassigned)

Tracking

Details

(Reporter)

Description

6 years ago
There is currently a 0-day available for Java  7.0.60.24.  Visiting http://www.mozilla.org/en-US/plugincheck/ notifies a user that the plugin is up to date, which may result in users thinking that they are protected.

When a plugin is known to be vulnerable, it should be flagged with a warning so that users are aware that even though they have the most recent version, they are still vulnerable.
Component: Plugin Finder Service → plugins.mozilla.org
Product: Toolkit → Websites
ok i think the best solution so far is that we can mark the java 7 plugins as vulnerable because of the current situation.

cc'ing some webdev folks in case we make this much nicer since i think its a special situation here where the plugin itself is latest but vulnerable and no vendor update so far...maybe a infobar would be nice again?
ok plugincheck is updated with the vulnerable information

Updated

5 years ago
Status: NEW → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 570363
You need to log in before you can comment on or make changes to this bug.