On 02/04/2015 04:42 PM, Ahmad Samir wrote:
On 4 February 2015 at 00:43, inode0 <inode0@xxxxxxxxx> wrote:
On Tue, Feb 3, 2015 at 4:32 PM, Robert Moskowitz <rgm@xxxxxxxxxxxxxxx> wrote:
On 02/03/2015 04:48 PM, inode0 wrote:
There is another exploit in the wild that adobe expects to fix with
another release sometime this week.
I have a limited use of flash. For sites like cnn. Well, I think one of my
banks uses it for their home page...
https://bugzilla.redhat.com/show_bug.cgi?id=1188329
I'd just take a few flash free days until adobe gets it fixed to be a
little safer.
John
From https://helpx.adobe.com/security/products/flash-player/apsa15-02.html :
“Revisions
February 2, 2015 - removed Flash Player version 11.x from the list of
affected versions. Version 11.x and earlier do not support the
functionality affected by CVE-2015-0313. ”
So they found that Linux/Firefox isn't affected IIUC.
My version of 11.2 is 11.2.202.310, which is version downloaded from the
Adobe web site. I've also heard that Adobe are not releasing any future
version of flash for Linux (has that state changed?) plus they were
winding back development of flash for windows in favor of html 5.
I checked about:plugins and my version of flash is showing State:
Enabled (STATE_VULNERABLE_UPDATE_AVAILABLE)
Removal of pluginreg.dat made no difference, plus like Robert I get the
flash issue on a lot of websites and on a lot of sites firefox refuses
to play the flash on the grounds that flash is a security risk, until I
allow the execution.
begin:vcard
fn:Stephen Morris
n:Morris;Stephen
email;internet:samorris@xxxxxxxxxxxxxxx
x-mozilla-html:TRUE
version:2.1
end:vcard
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
