On Mon, Jan 26, 2015 at 1:40 PM, Martin Stransky <stransky@xxxxxxxxxx> wrote: > On 01/23/2015 10:51 AM, Martin Stransky wrote: >> >> Folk, >> >> There's a live 0-day flash vulnerability which is not fixed yet [1][2]. >> If you use flash plugin I recommend you to enable the click-to-play mode >> for it. >> >> There's also a Fedora Firefox update with such change [3]. >> >> ma. >> >> [1] >> >> https://isc.sans.edu/diary/Flash+0-Day+Exploit+Used+by+Angler+Exploit+Kit/19213 >> >> [2] >> >> http://malware.dontneedcoffee.com/2015/01/unpatched-vulnerability-0day-in-flash.html >> >> [3] https://bugzilla.redhat.com/show_bug.cgi?id=1185241 > > > This vulnerability has got CVE-2015-0311 name [1]. Thx to drago01 to point > that out. Unfortunately it's still unfixed by Adobe and latest flash for > Linux/Firefox (11.2.202.438) is still vulnerable. The latest one is 11.2.202.440 ... which is supposed to have the fix. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
