Videolan has fixed some secutity issues, so we should mark older versions as outdated or vulnerable.
Any news? It shouldn't be hard to fix.
Videolan released v 2.1.2
should be fixed now
NOT fixed by VLC. The npvlc.dll is still showing the 2.1.0 version.
Related support forum thread (includes screenshots): https://support.mozilla.org/questions/982481 plugin check not working "The Firefox plugin checker is reporting "Update Now" for VLC media player Web Plugin 2.1.0. The 'update now' link invites me to download Plugin 2.1.2. but i already have 2.1.2 installed" The PluginCheck page should be reporting that version 2.1.0 of the VLC Web Plugin is up to date, since it's the latest available version of the VLC media player Web Plugin file npvlc.dll included with VLC Media Player 2.1.2
Additional info: https://forum.videolan.org/viewtopic.php?f=2&t=116442 Re: VLC v2.1.2 vulnerable to RTSP attack Postby Jean-Baptiste Kempf » Fri Jan 03, 2014 5:42 pm If you installed the firefox plugin with 2.1.2, then it is fixed. Even if the number is 2.1.0 in the firefox plugin.
Should we reopen until we can fix this?
Yes, I think this bug should be reopened.
This is apparently fixed, as now reported in the related support forum thread, https://support.mozilla.org/questions/982481 I can confirm that PluginCheck now shows "VLC media player Web Plugin 2.1.0" as being up-to-date.
Seems fixed with VLC 2.1.3