FYI: ---------- Forwarded message ---------- From: Martin Stransky <stransky@xxxxxxxxxx> Date: Fri, Jan 23, 2015 at 2:51 AM Subject: Flash plugin 0-day vulnerability in the wild To: Development discussions related to Fedora <devel@xxxxxxxxxxxxxxxxxxxxxxx> Folk, There's a live 0-day flash vulnerability which is not fixed yet [1][2]. If you use flash plugin I recommend you to enable the click-to-play mode for it. There's also a Fedora Firefox update with such change [3]. ma. [1] https://isc.sans.edu/diary/Flash+0-Day+Exploit+Used+by+Angler+Exploit+Kit/19213 [2] http://malware.dontneedcoffee.com/2015/01/unpatched-vulnerability-0day-in-flash.html [3] https://bugzilla.redhat.com/show_bug.cgi?id=1185241 -------------------------------------- If you have SELinux enforcing in its default configuration you should be safer, since it limits the abilities of Firefox plugins. See the full thread for more information: https://lists.fedoraproject.org/pipermail/devel/2015-January/206997.html http://thread.gmane.org/gmane.linux.redhat.fedora.devel/203965 -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
