plugincheck is incorrectly identifying the latest Linux flash plugin as vulnerable

RESOLVED DUPLICATE of bug 968726

Status

Websites
plugins.mozilla.org
RESOLVED DUPLICATE of bug 968726
5 years ago
4 years ago

People

(Reporter: WG9s, Unassigned)

Tracking

Details

(Reporter)

Description

5 years ago
plugincheck is incorrectly identifying the latest Adobe Linux flashplayer (11.2.202.243) as being vulnerable.
(Reporter)

Updated

5 years ago
Summary: plugincheck is incorrectly identifying the latest Linux flash plugin a s vunerable → plugincheck is incorrectly identifying the latest Linux flash plugin as vunerable
(Reporter)

Updated

5 years ago
Summary: plugincheck is incorrectly identifying the latest Linux flash plugin as vunerable → plugincheck is incorrectly identifying the latest Linux flash plugin as vulnerable
working on it
Blocks: 821279
http://www.reddit.com/r/firefox/comments/1euomf/can_i_still_use_flash_in_linux/

"I have version 11,2,202,285 installed and according to both that page and https://get.adobe.com/flashplayer/, it is the current version for Linux."

http://www.adobe.com/support/security/bulletins/apsb13-14.html seems to be the latest bulletin, and says .285 is current.
(In reply to Carsten Book [:Tomcat] from comment #1)
> working on it

Is this still being worked on?
I am apparently incorrectly being told to update.

The plugin check https://www.mozilla.org/en-US/plugincheck/ reports I am vulnerable and should update. It then offers to update to the currently installed version 
> Shockwave FlashShockwave Flash 11.2 r202	vulnerable	Update Now
On clicking the update option I get http://get.adobe.com/flashplayer/
> Download Adobe Flash Player
>Adobe Flash Player version 11.2.202.297
>Your system: Linux 64-bit, Firefox 
With a caution box (expected)
>NOTE: Adobe Flash Player 11.2 will be the last version to target Linux as a supported >platform. Adobe will continue to provide security backports to Flash Player 11.2 for Linux. 


I am using Firefox 24.0a2 (2013-07-31) (canonical) on Linux (Ubuntu LTS 12.04)
http://www.adobe.com/uk/software/flash/about/
confirms 
> You have version 11,2,202,297 installed
and has table confirming this is the latest version
> Linux 	Mozilla, Firefox, SeaMonkey (Flash Player 11.2 is the last supported Flash Player version for Linux. Adobe will continue to provide security updates.) 	11.2.202.297

about:plugins shows
Shockwave Flash 11,2,202,297 last Update 12/07/13

Firefox Nightly 26.0a1 (2013-08-17) (Mozilla) gives similar results.

There is a related sumo discussion thread 
> Plugincheck incorrectly reports Flash plugin as vulnerable in Linux
> https://support.mozilla.org/en-US/forums/contributors/709556

Comment 5

4 years ago
I have the same result as John Hesling on FF23.0  with Flash 11,2,202,297 installed on an Ubuntu 12.04 x64 system.

mozilla plugincheck reports the plugin as outdated and vulnerable even though it is the latest version for my system according to Adobe

Comment 6

4 years ago
Same here... running Debian Wheezy (x64) and Firefox 23.0.1 with the latest flashplayer plugin installed ("11,2,202,310").

Comment 7

4 years ago
Same with FF26.0(beta) on Fedora 16. Flashplayer plugin is latest version = 11.2.202.310 .

Comment 8

4 years ago
I've just reported <https://bugzilla.mozilla.org/show_bug.cgi?id=942356> before having been shown this bug report. I found that the issue is incorrect version information is being put in the pluginreg.dat file, note the commas separating the version numbers.

Version: 11,2,202,327
should be
Version: 11.2.202.327

Change the pluginreg.dat information to the correct version format and the plugin check page reports (correctly) that the Flash version is up-to-date. 

If others can please verify by modifying the pluginreg.dat file (do it before starting Firefox or SeaMonkey), then I think this bug can be closed out, and 942356 be used to resolve why there are commas instead of periods being placed in the file.

Comment 9

4 years ago
Just tried and I can confirm that changing the pluginreg.dat the plugin is correctly reported as updated.
Plugincheck could still work around the version string with commas instead of dots: even after bug 942356 is fixed it will still take time for the fix to get into a release.

Updated

4 years ago
Duplicate of this bug: 952776
(Reporter)

Comment 12

4 years ago
This now WORKSFORME.
Status: NEW → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → WORKSFORME

Comment 13

4 years ago
This bug is still present on my system (now running Firefox 26.0).

"about:plugins" shows "11,2,202,332" as installed and Adobe flashplayer site also says I have the latest version available yet Mozilla plugincheck site thinks I have to update. Am I missing something?
(Reporter)

Comment 14

4 years ago
Well, normally we mark bugs as fixed when the issue is fixed in the current codebase for Nightly releases, and NOT when it is fixed in the Release Product.  However, since I did file this bug on the website, and comment 10 indicates there might be something that could be done there because the fix for bug 942356 is not going to make it to release until Firefox 28, I am re-oepning this bug.
Status: RESOLVED → REOPENED
Resolution: WORKSFORME → ---
(Reporter)

Updated

4 years ago
Status: REOPENED → NEW

Comment 15

4 years ago
Maybe better than closing it as "worksforme" or reopening"" as "new" would be using bugzilla tags "Version → current stable" and "Target milestone → 28" to redefine the current status of the bug.
(Reporter)

Updated

4 years ago
Depends on: 942536
(Reporter)

Updated

4 years ago
Depends on: 942356
No longer depends on: 942536
(Reporter)

Comment 16

4 years ago
I took a different approach and nominated the already implemented, tested and verified fix for bug 931469 for uplifting to beta so it might land sooner.
(Reporter)

Comment 17

4 years ago
(In reply to Bill Gianopoulos [:WG9s] from comment #16)
> I took a different approach and nominated the already implemented, tested
> and verified fix for bug 931469 for uplifting to beta so it might land
> sooner.

Well, the issue with that is this was a bug filed against the website and not the mozilla codebase, so that is no more appropriate than my previous WORKSFORME.
(Reporter)

Comment 18

4 years ago
My personal feeling is that the fix in bug 931469 is lame and the real fix should have been to treat the commas as periods on the website rather than a wallpaper fix in the browser.  Evidently I was overruled on that so I have gotten over it.  So I think the likelihood of a website change to avoid this issue before the Feb r4t date when Firefox 27 is coming out is fairly close to zero, so I am trying to get the product workaround into Firefox 27 rather than pushing for a website change.
If you mean bug 952776, that bug was not supposed to be a substitute for fixing plugincheck.
That bug is a work-around that is not limited to this specific website.
Marking as a duplicate of https://bugzilla.mozilla.org/show_bug.cgi?id=968726
Status: NEW → RESOLVED
Last Resolved: 4 years ago4 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 968726
You need to log in before you can comment on or make changes to this bug.