This is a public service announcement --- if you are running Flash 10.0,
make sure you upgrade to 10.1. Flash 10.0 has a horrible security
vulnerability:
http://www.adobe.com/support/security/bulletins/apsb10-14.html
I have Google Analytics running on the ksummit2010 website, and in
addition to discovering that 59% used Firefox and 25% were using Chrome,
and that the most popular screen resolution was 1280x800 followed by
1280x1024, etc. --- I also was able to find that while 59% were running
Flash 10.1, over 40% of the visitors to the ksummit2010 web site were
running a vulnerable version of Adobe flash, which has a remote code
execution vulerability.
If you were visiting that site from your development system, which you
use to push changes to a subsystem maintianer, or even Linus, hopefully
I don't need to tell you what a bad idea it is to leave yourself open
and vulnerable like this. (This particular security problem with Flash
has been announced for almost 2 months at this point!)
- Ted
On 07/29/2010 07:50 PM, Theodore Ts'o wrote:
> This is a public service announcement --- if you are running Flash 10.0,
> make sure you upgrade to 10.1. Flash 10.0 has a horrible security
> vulnerability:
>
> http://www.adobe.com/support/security/bulletins/apsb10-14.html
>
> I have Google Analytics running on the ksummit2010 website, and in
> addition to discovering that 59% used Firefox and 25% were using Chrome,
> and that the most popular screen resolution was 1280x800 followed by
> 1280x1024, etc. --- I also was able to find that while 59% were running
> Flash 10.1, over 40% of the visitors to the ksummit2010 web site were
> running a vulnerable version of Adobe flash, which has a remote code
> execution vulerability.
>
> If you were visiting that site from your development system, which you
> use to push changes to a subsystem maintianer, or even Linus, hopefully
> I don't need to tell you what a bad idea it is to leave yourself open
> and vulnerable like this. (This particular security problem with Flash
> has been announced for almost 2 months at this point!)
>
> - Ted
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
>
biggest problem here is they havn't updated their x86_64(pure64) version
yet. hopefully hey release an update soon.
Justin P. Mattock
On 07/30/2010 07:05 AM, Justin P. Mattock wrote:
> On 07/29/2010 07:50 PM, Theodore Ts'o wrote:
>> This is a public service announcement --- if you are running Flash 10.0,
>> make sure you upgrade to 10.1. Flash 10.0 has a horrible security
>> vulnerability:
>>
>> http://www.adobe.com/support/security/bulletins/apsb10-14.html
>>
>> I have Google Analytics running on the ksummit2010 website, and in
>> addition to discovering that 59% used Firefox and 25% were using Chrome,
>> and that the most popular screen resolution was 1280x800 followed by
>> 1280x1024, etc. --- I also was able to find that while 59% were running
>> Flash 10.1, over 40% of the visitors to the ksummit2010 web site were
>> running a vulnerable version of Adobe flash, which has a remote code
>> execution vulerability.
>>
>> If you were visiting that site from your development system, which you
>> use to push changes to a subsystem maintianer, or even Linus, hopefully
>> I don't need to tell you what a bad idea it is to leave yourself open
>> and vulnerable like this. (This particular security problem with Flash
>> has been announced for almost 2 months at this point!)
>>
>> - Ted
>> --
>> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
>> the body of a message to [email protected]
>> More majordomo info at http://vger.kernel.org/majordomo-info.html
>> Please read the FAQ at http://www.tux.org/lkml/
>>
>
>
> biggest problem here is they havn't updated their x86_64(pure64) version
> yet. hopefully hey release an update soon.
>
> Justin P. Mattock
> --
Here too. How do I run (any) Flash-10.1 on a 64bit system (say FC12) without
actually reverting to a 32bit browser? Do I still get to install half of my
system as 32bit duplicates?
Boaz
* Boaz Harrosh ([email protected]) wrote:
> On 07/30/2010 07:05 AM, Justin P. Mattock wrote:
> > On 07/29/2010 07:50 PM, Theodore Ts'o wrote:
<snip - warning>
> > biggest problem here is they havn't updated their x86_64(pure64) version
> > yet. hopefully hey release an update soon.
> >
> > Justin P. Mattock
> > --
>
> Here too. How do I run (any) Flash-10.1 on a 64bit system (say FC12) without
> actually reverting to a 32bit browser? Do I still get to install half of my
> system as 32bit duplicates?
nspluginwrapper works well enough for me on Ubuntu, but this
isn't a kernel problem. (It seems to work better for me in Chrome
than ff but hey that's another problem again).
Since there isn't an announced date for if a 64bit version is going
to be available (only a fluffy statement that they intend to do one)
it's a case of having to move back to 32.
See: http://www.theregister.co.uk/2010/06/11/64_bit_flash_for_linux_dead/
Dave
--
-----Open up your eyes, open up your mind, open up your code -------
/ Dr. David Alan Gilbert | Running GNU/Linux | Happy \
\ gro.gilbert @ treblig.org | | In Hex /
\ _________________________|_____ http://www.treblig.org |_______/
On 08/01/2010 07:18 AM, Boaz Harrosh wrote:
> On 07/30/2010 07:05 AM, Justin P. Mattock wrote:
>> On 07/29/2010 07:50 PM, Theodore Ts'o wrote:
>>> This is a public service announcement --- if you are running Flash 10.0,
>>> make sure you upgrade to 10.1. Flash 10.0 has a horrible security
>>> vulnerability:
>>>
>>> http://www.adobe.com/support/security/bulletins/apsb10-14.html
>>>
>>> I have Google Analytics running on the ksummit2010 website, and in
>>> addition to discovering that 59% used Firefox and 25% were using Chrome,
>>> and that the most popular screen resolution was 1280x800 followed by
>>> 1280x1024, etc. --- I also was able to find that while 59% were running
>>> Flash 10.1, over 40% of the visitors to the ksummit2010 web site were
>>> running a vulnerable version of Adobe flash, which has a remote code
>>> execution vulerability.
>>>
>>> If you were visiting that site from your development system, which you
>>> use to push changes to a subsystem maintianer, or even Linus, hopefully
>>> I don't need to tell you what a bad idea it is to leave yourself open
>>> and vulnerable like this. (This particular security problem with Flash
>>> has been announced for almost 2 months at this point!)
>>>
>>> - Ted
>>> --
>>> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
>>> the body of a message to [email protected]
>>> More majordomo info at http://vger.kernel.org/majordomo-info.html
>>> Please read the FAQ at http://www.tux.org/lkml/
>>>
>>
>>
>> biggest problem here is they havn't updated their x86_64(pure64) version
>> yet. hopefully hey release an update soon.
>>
>> Justin P. Mattock
>> --
>
> Here too. How do I run (any) Flash-10.1 on a 64bit system (say FC12) without
> actually reverting to a 32bit browser? Do I still get to install half of my
> system as 32bit duplicates?
>
> Boaz
>
right now I decided to just run the 32bit flash through qemu-kvm either
a windows install or an x86_32 linux distro this way I can watch hulu
stream TV etc..
Justin P. Mattock