Closed Bug 992583 Opened 10 years ago Closed 2 years ago

plugin check incorrectly identifies linux vlc and gecko-mediaplayer as vulnerable

Categories

(Websites :: plugins.mozilla.org, defect)

Product:
Websites
Component:
plugins.mozilla.org
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED INCOMPLETE

People

(Reporter: glgxg, Unassigned)

Details

User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:28.0) Gecko/20100101 SeaMonkey/2.25 (Beta/Release)
Build ID: 20140318183302

Steps to reproduce:

Checked about:plugins & https://www.mozilla.org/en-US/plugincheck/


Actual results:

Plugin check shows:
QuickTime Plug-in 7.6.9Gecko Media Player 1.0.4
Video Player Plug-in for QuickTime, RealPlayer and Windows Media Player streams using MPlayer	vulnerable

and

VLC Web PluginVersion 2.0.8 Twoflower, copyright 1996-2011 VideoLAN and Authors
http://www.videolan.org/vlc/	vulnerable


Expected results:

Plugin check should have noted that my plugins are up to date:

QuickTime Plug-in 7.6.9
    File: gecko-mediaplayer-qt.so
    Path: /usr/lib/mozilla/plugins/gecko-mediaplayer-qt.so
    Version: 
    State: Enabled
    Gecko Media Player 1.0.4 Video Player Plug-in for QuickTime, RealPlayer and Windows Media Player streams using MPlayer 

mplayerplug-in is now gecko-mediaplayer 1.0.4
    File: gecko-mediaplayer.so
    Path: /usr/lib/mozilla/plugins/gecko-mediaplayer.so
    Version: 
    State: Enabled
    Gecko Media Player 1.0.4 Video Player Plug-in for QuickTime, RealPlayer and Windows Media Player streams using MPlayer 

$ apt-cache policy gecko-mediaplayer
gecko-mediaplayer:
  Installed: 1.0.4-2ubuntu1
  Candidate: 1.0.4-2ubuntu1

VLC Web Plugin
    File: libvlcplugin.so
    Path: /usr/lib/mozilla/plugins/libvlcplugin.so
    Version: 
    State: Enabled
    Version 2.0.8 Twoflower, copyright 1996-2011 VideoLAN and Authors

$ apt-cache policy mplayer
mplayer:
  Installed: 2:1.0~rc4.dfsg1+svn34540-1
  Candidate: 2:1.0~rc4.dfsg1+svn34540-1
Forgot:
$ apt-cache policy vlc
vlc:
  Installed: 2.0.8-0ubuntu0.12.04.1
  Candidate: 2.0.8-0ubuntu0.12.04.1
  Version table:
 *** 2.0.8-0ubuntu0.12.04.1 0

$ apt-cache policy browser-plugin-vlc
browser-plugin-vlc:
  Installed: 2.0.0-1
  Candidate: 2.0.0-1
Version: Trunk → unspecified
Might as well add Java to this.

Java(TM) Plug-in 10.51.2
Next Generation Java Plug-in 10.51.2 for Mozilla browsers	vulnerable

Java(TM) Plug-in 10.51.2
    File: libnpjp2.so
    Path: /opt/java/64/jre1.7.0_51/lib/amd64/libnpjp2.so
    Version: 10.51.2
    State: Enabled
    Next Generation Java Plug-in 10.51.2 for Mozilla browsers

$ java -version
java version "1.7.0_51"
Java(TM) SE Runtime Environment (build 1.7.0_51-b13)
Java HotSpot(TM) 64-Bit Server VM (build 24.51-b03, mixed mode)
I'm seeing this issue on FF beta 31.05 Ubuntu 14.04 .
Status: UNCONFIRMED → NEW
Ever confirmed: true

PluginCheck is no longer supported

Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.