I seem to have 9,0,152,0 according to http://www.macromedia.com/software/
flash/about
But where do I look to look for a record recently completed software
updates?
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
12-20-2008, 11:07 AM
Aki Utoslahti
Flash 9 Vulnerability on Linux - was it patched in house
Gardier wrote:
> http://snipurl.com/8x52r
> http://www.securityfocus.com/bid/32896
>
> Was this patch rolled out though the updater?
>
> I seem to have 9,0,152,0 according to http://www.macromedia.com/software/
> flash/about
>
> But where do I look to look for a record recently completed software
> updates?
>
>
>
Hi,
I ran yesterday full updates via updater and my flash seems to be
version: 10.0.15.3
Also if you look on the details for package flashplugin-nonfree from
repositories, it says:
"$apt-cache show flashplugin-nonfree
.....
Version: 10.0.15.3ubuntu1~intrepid1
....
"
And that is fortunately the version which seems not to be vulnerable for
exploits.
Have you rolled every single update from repositories?
Best Regards,
Aki Utoslahti
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
12-20-2008, 02:18 PM
Gardier
Flash 9 Vulnerability on Linux - was it patched in house
On Sat, 20 Dec 2008 14:07:25 +0200, Aki Utoslahti wrote:
> And that is fortunately the version which seems not to be vulnerable for
> exploits. Have you rolled every single update from repositories?
I haven't got around to upgrading to 8.10 yet and this is partly what I
was checking, whether Hardy users will get this patch. Surely we ought to
as it's a security patch?
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
12-20-2008, 10:47 PM
NoOp
Flash 9 Vulnerability on Linux - was it patched in house
On 12/20/2008 07:18 AM, Gardier wrote:
> On Sat, 20 Dec 2008 14:07:25 +0200, Aki Utoslahti wrote:
>
>> And that is fortunately the version which seems not to be vulnerable for
>> exploits. Have you rolled every single update from repositories?
>
> I haven't got around to upgrading to 8.10 yet and this is partly what I
> was checking, whether Hardy users will get this patch. Surely we ought to
> as it's a security patch?
>
>
If you are running 32bit; enable the Universe repository via Synaptic
(System|Administration|Synaptic...|Settings|Reposi tories|Ubuntu
Software|Community-maintained... (Universe) is checked. Reload your
repositories (Reload button).
Now, from Synaptic, search using 'flash' (no quotes). Right click on
'flashplugin-nonfree' and 'Mark for complete removal'. Right click on
'adobe-flashplugin' and "Mark for installation". Click the apply button.
When completed you will have flash 10.0.15.3-1hardy2 installed on your
system.
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
12-21-2008, 02:20 AM
NoOp
Flash 9 Vulnerability on Linux - was it patched in house
On 12/20/2008 03:47 PM, NoOp wrote:
> On 12/20/2008 07:18 AM, Gardier wrote:
>> On Sat, 20 Dec 2008 14:07:25 +0200, Aki Utoslahti wrote:
>>
>>> And that is fortunately the version which seems not to be vulnerable for
>>> exploits. Have you rolled every single update from repositories?
>>
>> I haven't got around to upgrading to 8.10 yet and this is partly what I
>> was checking, whether Hardy users will get this patch. Surely we ought to
>> as it's a security patch?
>>
>>
>
> If you are running 32bit; enable the Universe repository via Synaptic
> (System|Administration|Synaptic...|Settings|Reposi tories|Ubuntu
> Software|Community-maintained... (Universe) is checked. Reload your
> repositories (Reload button).
>
> Now, from Synaptic, search using 'flash' (no quotes). Right click on
> 'flashplugin-nonfree' and 'Mark for complete removal'. Right click on
> 'adobe-flashplugin' and "Mark for installation". Click the apply button.
> When completed you will have flash 10.0.15.3-1hardy2 installed on your
> system.
>
And, as a kudos to Mario Vukelic from the "Flashplugin-nonfree' thread:
I found that after checking:
http://www.adobe.com/products/flash/about/
I'd forgotten to update my ~/.mozilla/plugins libflashplayer.so to
version .15, which adobe-flashplugin provides. So I've now created a
link in ~/.mozilla/plugins to /usr/lib/adobe-flashplugin/libflashplayer.so
Thanks Mario :-)
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
12-21-2008, 08:24 PM
Gardier
Flash 9 Vulnerability on Linux - was it patched in house
On Sat, 20 Dec 2008 15:47:39 -0800, NoOp wrote:
> If you are running 32bit; enable the Universe repository via Synaptic
> (System|Administration|Synaptic...|Settings|Reposi tories|Ubuntu
> Software|Community-maintained... (Universe) is checked. Reload your
> repositories (Reload button).
Thanks for pointing me in the right direction. Actually the update
appears to be in the partners repo here. I use the UK server so maybe
that accounts for the difference.
I still say security updates shouldn't have to be found. They should be
rolled out to us automatically.
I can accept my responsibility where I have taken it on myself to install
an unsupported package but flash-non-free was added as part of the ubuntu-
restricted-extras.
--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
12-21-2008, 10:11 PM
NoOp
Flash 9 Vulnerability on Linux - was it patched in house
On 12/21/2008 01:24 PM, Gardier wrote:
> On Sat, 20 Dec 2008 15:47:39 -0800, NoOp wrote:
>
>> If you are running 32bit; enable the Universe repository via Synaptic
>> (System|Administration|Synaptic...|Settings|Reposi tories|Ubuntu
>> Software|Community-maintained... (Universe) is checked. Reload your
>> repositories (Reload button).
>
> Thanks for pointing me in the right direction. Actually the update
> appears to be in the partners repo here. I use the UK server so maybe
> that accounts for the difference.
>
> I still say security updates shouldn't have to be found. They should be
> rolled out to us automatically.
>
> I can accept my responsibility where I have taken it on myself to install
> an unsupported package but flash-non-free was added as part of the ubuntu-
> restricted-extras.
>
>
It's a very recent change & yes, it's the partners repo, my apologies.
In the future you should see it sync'ing properly. For example; I had
.12 on another test machine - the update manager notified me of the
update to .15 as with any standard security update. Hopefully, when
Adobe finally get their 64bit flash version released it can be added as
well. I for one am very pleased to see Adobe _finally_ hooked into
Ubuntu w/regards to flash. I particularly like the bit on:
Flash 9 Vulnerability on Linux - was it patched in house
