Closed
Bug 850212
Opened 11 years ago
Closed 11 years ago
Update plugincheck/pfs for Flash 11.6.602.180 on Mac and Windows
Categories
(Websites :: plugins.mozilla.org, defect)
Websites
plugins.mozilla.org
Tracking
(Not tracked)
VERIFIED
FIXED
People
(Reporter: scoobidiver, Assigned: cbook)
References
()
Details
(Keywords: qawanted)
Attachments
(1 file)
817 bytes,
patch
|
clouserw
:
review+
|
Details | Diff | Splinter Review |
Adobe released Flash 11.6.602.180 today. http://www.adobe.com/support/security/ says nothing about a security issue fix.
Source of Info: http://www.adobe.com/support/flashplayer/downloads.html 3/12/2013 – Updated debugger and standalone versions of Flash Player. These players contain fixes for critical vulnerabilities identified in Security Bulletin APSB13-09. The latest versions are 11.6.602.180 (Win and Mac) and 11.2.202.275 (Linux). All users are encouraged to update to these latest versions. Security Bulletin APSB13-09: http://www.adobe.com/support/security/bulletins/apsb13-09.html . These updates resolve an integer overflow vulnerability that could lead to code execution (CVE-2013-0646). These updates resolve a use-after-free vulnerability that could be exploited to execute arbitrary code (CVE-2013-0650). These updates resolve a memory corruption vulnerability that could lead to code execution (CVE-2013-1371). These updates resolve a heap buffer overflow vulnerability that could lead to code execution (CVE-2013-1375). I am not able to change the "Importance" of this Bug, or I would bump it up a bit.
Reporter | ||
Updated•11 years ago
|
Severity: normal → critical
Comment 2•11 years ago
|
||
Sorry for the delay folks. Here is the new RDF configuration info for the Windows Flash Player (we don't currently support Mac installs via PFS): <pfs:version>11.6.602.180</pfs:version> <pfs:InstallerLocation>http://download.macromedia.com/pub/flashplayer/pdc/fp_pl_pfs_installer.exe</pfs:InstallerLocation> <pfs:InstallerHash>sha256:e0a7dde15a927428a2cdc7df028c2ffff741b798d02adc320b953ec44a64de8b</pfs:InstallerHash>
Assignee | ||
Comment 3•11 years ago
|
||
Hey Will could you review and push this patch, thanks !
Attachment #724324 -
Flags: review?(clouserw)
Assignee | ||
Updated•11 years ago
|
Assignee: nobody → cbook
Summary: Update plugincheck for Flash 11.6.602.180 on Mac and Windows → Update plugincheck/pfs for Flash 11.6.602.180 on Mac and Windows
Assignee | ||
Comment 4•11 years ago
|
||
Raymond: plugincheck is updated on production for this update, so it needs only qa check here.
Keywords: qawanted
Firefox (aurora) shows "Shockwave Flash 11.6 r602" "11.6.602.171" "Up to Date". Seamonkey (beta) shows "Shockwave Flash 11.6 r602" "Vulnerable". (Help/About Plugins confirms it is 11.6.602.171) Opera (release) shows "Shockwave Flash 11.6 r602" "Outdated". (Tools/Plugins confirms it is 11,6,602,171) IE8 shows "Shockwave Flash 11.6.602.171" "11.6.602.171" "Up to Date" Chrome (release) uses its own Flash of course, and shows: "Shockwave Flash 11.6 r602" "11.6.602.0" "Up to Date" System is WinXP.
Reporter | ||
Comment 6•11 years ago
|
||
For me also, it's inconsistent. Flash 11.6.602.171 is marked as vulnerable in IE 9 and up-to-date in Firefox 19.
Updated•11 years ago
|
Attachment #724324 -
Flags: review?(clouserw) → review+
Comment 7•11 years ago
|
||
https://github.com/mozilla/zamboni/commit/97b1c47e81127454ffbd8a0ee6c72841da89e88a
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Reporter | ||
Comment 8•11 years ago
|
||
(In reply to Scoobidiver from comment #6) > For me also, it's inconsistent. Flash 11.6.602.171 is marked as vulnerable > in IE 9 and up-to-date in Firefox 19. It's now marked as vulnerable in Firefox 19 so likely a server caching issue but it's odd that two different browsers on the same machine have different behaviors regarding that.
Comment 9•11 years ago
|
||
verified fixed https://www.mozilla.org/en-US/plugincheck/ 11.6.602.180
Status: RESOLVED → VERIFIED
You need to log in
before you can comment on or make changes to this bug.
Description
•