FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS Docs

 
 
LinkBack Thread Tools
 
Old 04-22-2011, 07:31 PM
JD
 
Default nspluginwrapper

On 04/22/11 11:17, James Wilkinson wrote:
> JD wrote:
>> I uninstalled it and there was no complaint of any dependency.
>> It must have been a remnant from F13 when performed the
>> upgrade to F14, and the next yum update simply installed
>> updated the F13 version to F14.
> Without nspluginwrapper, Firefox plugins run in the same process as
> Firefox itself. This means that if a Firefox plugin crashes, it takes
> down the entire browser.
>
> With nspluginwrapper, Firefox plugins run in separate processes. This
> should mean that a plugin crash only takes down the plugin, which can be
> restarted (for example, by reloading the page).
>
> Presumably, this also means that the plugins can run on separate
> hardware threads: whether this makes any difference to browser
> responsiveness is something I have neither investigated nor seen anyone
> else investigate.
>
> Hope this helps,
>
> James.
>
> by which I include separate cores
>
That is interesting info.
I will experiment without it, and
if the crash of, say flash plugin crashes FF,
then I will re-install it.

Cheers,

JD
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 04-22-2011, 08:29 PM
g
 
Default nspluginwrapper

On 04/22/2011 07:31 PM, JD wrote:
<>

> if the crash of, say flash plugin crashes FF,
> then I will re-install it.

latest flash is 10.2.159.1.

anything prior has security and crash problems.


--

peace out.

tc.hago,

g
.

****
in a free world without fences, who needs gates.
**
help microsoft stamp out piracy - give linux to a friend today.
**
to mess up a linux box, you need to work at it.
to mess up an ms windows box, you just need to *look* at it.
**
learn linux:
'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html
'The Linux Documentation Project' http://www.tldp.org/
'LDP HOWTO-index' http://www.tldp.org/HOWTO/HOWTO-INDEX/index.html
'HowtoForge' http://howtoforge.com/
****

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 04-22-2011, 09:03 PM
JD
 
Default nspluginwrapper

On 04/22/11 13:29, g wrote:
> On 04/22/2011 07:31 PM, JD wrote:
> <>
>
>> if the crash of, say flash plugin crashes FF,
>> then I will re-install it.
> latest flash is 10.2.159.1.
>
> anything prior has security and crash problems.
>
>
Yup! That's what I have.
Let's hope Adobe keeps it free of security holes.

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 04-22-2011, 09:04 PM
Craig White
 
Default nspluginwrapper

On Fri, 2011-04-22 at 20:29 +0000, g wrote:
> On 04/22/2011 07:31 PM, JD wrote:
> <>
>
> > if the crash of, say flash plugin crashes FF,
> > then I will re-install it.
>
> latest flash is 10.2.159.1.
>
> anything prior has security and crash problems.
>
>
----
the implication being that the specific version mentioned doesn't have
known security and crash problems which I think both have been found to
be incorrect implications.

Craig


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 04-22-2011, 09:09 PM
JD
 
Default nspluginwrapper

On 04/22/11 14:04, Craig White wrote:
> On Fri, 2011-04-22 at 20:29 +0000, g wrote:
>> On 04/22/2011 07:31 PM, JD wrote:
>> <>
>>
>>> if the crash of, say flash plugin crashes FF,
>>> then I will re-install it.
>> latest flash is 10.2.159.1.
>>
>> anything prior has security and crash problems.
>>
>>
> ----
> the implication being that the specific version mentioned doesn't have
> known security and crash problems which I think both have been found to
> be incorrect implications.
>
> Craig
>
>
Well, have any security exploits been detected
or publicized in latest version?
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 04-22-2011, 09:14 PM
g
 
Default nspluginwrapper

On 04/22/2011 09:04 PM, Craig White wrote:
<>

> ----
> the implication being that the specific version mentioned doesn't have
> known security and crash problems which I think both have been found to
> be incorrect implications.

i do not know what 'implications' you are implying, but i believe this
will show what is correct:

+++

======
Red Hat Security Advisory

Synopsis: Critical: flash-plugin security update
Advisory ID: RHSA-2011:0451-01
Product: Red Hat Enterprise Linux Extras
Advisory URL: https://rhn.redhat.com/errata/RHSA-2011-0451.html
Issue date: 2011-04-18
CVE Names: CVE-2011-0611
======

1. Summary:

An updated Adobe Flash Player package that fixes one security issue is now
available for Red Hat Enterprise Linux 5 and 6 Supplementary.

The Red Hat Security Response Team has rated this update as having critical
security impact. A Common Vulnerability Scoring System (CVSS) base score,
<snip>

3. Description:

The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash
Player web browser plug-in.

This update fixes one vulnerability in Adobe Flash Player. This
vulnerability is detailed on the Adobe security page APSB11-07, listed in
the References section. Specially-crafted SWF content could cause
flash-plugin to crash or, potentially, execute arbitrary code.
(CVE-2011-0611)

All users of Adobe Flash Player should install this updated package, which
upgrades Flash Player to version 10.2.159.1.

4. Solution:

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

<snip>

7. References:

https://www.redhat.com/security/data/cve/CVE-2011-0611.html
https://access.redhat.com/security/updates/classification/#critical
http://www.adobe.com/support/security/bulletins/apsb11-07.html

+++

are do you know something red hat does not?


--

peace out.

tc.hago,

g
.

****
in a free world without fences, who needs gates.
**
help microsoft stamp out piracy - give linux to a friend today.
**
to mess up a linux box, you need to work at it.
to mess up an ms windows box, you just need to *look* at it.
**
learn linux:
'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html
'The Linux Documentation Project' http://www.tldp.org/
'LDP HOWTO-index' http://www.tldp.org/HOWTO/HOWTO-INDEX/index.html
'HowtoForge' http://howtoforge.com/
****

--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 
Old 04-23-2011, 01:21 PM
James Wilkinson
 
Default nspluginwrapper

g wrote:
> latest flash is 10.2.159.1.
>
> anything prior has security and crash problems.

Craig White objected:
> the implication being that the specific version mentioned doesn't have
> known security and crash problems which I think both have been found to
> be incorrect implications.

JD asked:
> Well, have any security exploits been detected
> or publicized in latest version?

It is a truism that every non-trivial program has bugs in it. Adobe
Flash player merely seems to have way more than its fair share.

Since it is intended to run programs from non-trusted sources, it is
inevitable that many of these bugs will have security implications.

After too many security vulnerabilities, too many fixes, and too many
zero-day exploits going unfixed for too long, running Flash makes it way
too likely that you are vulnerable to exploits that various criminals
know about and you don’t.

At one recent security conference:
Paul Baccus, a senior threat researcher at Sophos, asked if anyone
from Adobe was in the session. After a pause a voice at the back
shouted “Of course not, it’s a security conference.”
– Graham Cluley, senior technology consultant at Sophos, quoted
in
http://theinquirer.net/inquirer/news/1736408/insecurity-experts-banish-pdf

James.

--
E-mail: james@ | Blessed are the pessimistic, for they take backups.
aprilcottage.co.uk |
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
I�@���ם��^���a���^��w ��w��h
 
Old 04-23-2011, 03:56 PM
JD
 
Default nspluginwrapper

On 04/23/11 06:21, James Wilkinson wrote:
> g wrote:
>> latest flash is 10.2.159.1.
>>
>> anything prior has security and crash problems.
> Craig White objected:
>> the implication being that the specific version mentioned doesn't have
>> known security and crash problems which I think both have been found to
>> be incorrect implications.
> JD asked:
>> Well, have any security exploits been detected
>> or publicized in latest version?
> It is a truism that every non-trivial program has bugs in it. Adobe
> Flash player merely seems to have way more than its fair share.
>
> Since it is intended to run programs from non-trusted sources, it is
> inevitable that many of these bugs will have security implications.
>
> After too many security vulnerabilities, too many fixes, and too many
> zero-day exploits going unfixed for too long, running Flash makes it way
> too likely that you are vulnerable to exploits that various criminals
> know about and you don’t.
>
> At one recent security conference:
> Paul Baccus, a senior threat researcher at Sophos, asked if anyone
> from Adobe was in the session. After a pause a voice at the back
> shouted “Of course not, it’s a security conference.”
> – Graham Cluley, senior technology consultant at Sophos, quoted
> in
> http://theinquirer.net/inquirer/news/1736408/insecurity-experts-banish-pdf
>
> James.
>
James, you make a good case of security vulnerability
for a large class of software, not just adobe.
I am just very surprised that there is no well working
open source replacement that does not also hog the
cpu. I had tried the gnu flash, and it was not up for
the task.
--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 

Thread Tools




All times are GMT. The time now is 01:05 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org