#5 Firefox says this is out of date

v0.9.7.3
open
nobody
7
2010-11-14
2010-11-14
Pat G
No

With the latest Firefox, it's saying that it's using Java Embedding Plugin 0.9.7.3, but it's out of date.
Also, it's preventing applets from running.
Here's an article they link to:

Discussion

  • Pat G

    Pat G - 2010-11-14

    Screenshot of the mozilla plugin checker

     
  • Pat G

    Pat G - 2010-11-14

    Mac OS X 10.4.11, Firefox 3.6.12

     
  • Pat G

    Pat G - 2010-11-14
    • milestone: --> v0.9.7.3
    • priority: 5 --> 7
     
  • Steven Michaud

    Steven Michaud - 2010-11-14

    A freshly downloaded copy of FF 3.6.12 for OS X bundles JEP 0.9.7.4.

    It looks like you removed your download's copy of JEP 0.9.7.4 and
    replaced it with JEP 0.9.7.3.

    But even with the originally bundled copy of JEP 0.9.7.4,
    http://www.mozilla.com/en-US/plugincheck says that this version (which
    it correctly identifies as JEP 0.9.7.4) is out of date when run on OS
    X 10.4.11. This doesn't happen on OS X 10.5.8 or 10.6.4. It's a bug
    in the Mozilla plugin checker.

    Most Java applets run just fine in the combination of FF 3.6.12 and
    JEP 0.9.7.4 (for example http://browserspy.dk/java.php). But JEP
    0.9.7.4 uncovered a bug in Firefox, which in turn triggered the
    following two bugs. You're probably seeing one or the other. I'm
    working on a fix.

    https://bugzilla.mozilla.org/show_bug.cgi?id=606737
    https://bugzilla.mozilla.org/show_bug.cgi?id=607678

    > http://support.mozilla.com/en-US/kb/Java-related+issues?s=java+not+starting&as=s

    This page is only about Java on Windows and Linux. It has nothing to
    do with Java on OS X.

    Finally, I need to explain why JEP 0.9.7.4 hasn't yet been formally
    released, and isn't available at http://javaplugin.sourceforge.net:

    I created the JEP 0.9.7.4 update to close a security hole. It has
    been bundled with current releases of Mozilla browsers (Firefox and
    Camino) since Firefox 3.6.11, Firefox 3.5.14, and Camino 2.0.5.

    I'd have hoped to be able to formally release JEP 0.9.7.4 (and its
    source code) by now. But the security issues have not yet been fully
    resolved on other platforms than OS X, so I am still holding off.

    Once these issues are resolved I will make JEP 0.9.7.4 available at
    http://javaplugin.sourceforge.net. More information will be available
    at https://bugzilla.mozilla.org/show_bug.cgi?id=598453 and
    https://bugzilla.mozilla.org/show_bug.cgi?id=589041, though access to
    these two URLs is currently limited.

    For obvious reasons, I'll have no more to say on this until the issues
    are fully resolved and JEP 0.9.7.4 is formally released.

     
  • Sci_Fi

    Sci_Fi - 2010-11-20

    Please let me respond to this thread, since it is public now.

    I responded to your (smichaud) stance, of not releasing the latest source code, over at the Camino forum.  Here is what I said there:

    -start-

    Indeed, I am not allowed to view the bugzilla reports mentioned.

    This whole ordeal does not feel right to me.  This is not “Open Source” to me.  Whatever is being hidden, here, is making me feel real “qualmy”.

    Never-mind the “massive security hole”, no-one has “proved” there _is_ one, AFAIAC — 0.9.7.3 has been publicly available for most of this year (2010).

    [I am not a “cracker” who wants to “break into” security holes or otherwise ruin F/OSS projects in any manner.  I just want everything to be “out in the open”, which is the very principle of “Open Source”, or so I was raised to believe.]

    Therefore, I’m sorry to say, I have backed–out the 0.9.7.4 plugin, staying with 0.9.7.3, for my set-up here, until _someone_ explains *in–detail* what is going on here.

    :(

    -end-

    I might also add two more items stopping me from using your latest plugin:

    (1)  we who build binaries from the source are _unable_ to build your 0.9.7.4 at the present time,

    and

    (2)  the “proof” of a “security hole” we need is the “officially announced” reports coming from the various “trusted” organisations, such as a CVE document (example).  Maybe perhaps the stated bugzilla reports you mentioned do have these doc–IDs to let us understand the situation(s) better, but as I said, most of us cannot access those bugzilla reports.

    Ergo, I say again, my gut tells me to be extremely “queasy” about using your updated plugin, and have been actively removing it inside the app bundles every time here.

    My gut has very rarely ever been wrong when it feels this strong.

    :(

     
