Welcome!
Important information
-- Spectre and Meltdown vulnerabilities
-- Change in MX sources

News
-- MX Linux on social media: here
-- Mepis support still here

Current releases
-- MX-17.1 Final release info here
-- antiX-17 release info here

New users
-- Please read this first, and don't forget to add system and hardware information to posts!
-- Here are the Forum Rules

Flash Security Update

Feel free to talk about anything and everything in this board. Just don't post offensive topics that are meant to cause trouble with other members or are derogatory towards people of different genders, race, color, minors (this includes nudity and sex), politics or religion. Let's try to keep peace among the community and for visitors.

No spam on this or any other forums please! If you post advertisements on these forums, your account may be deleted.

Do not copy and paste entire or even up to half of someone else's words or articles into posts. Post only a few sentences or a paragraph and make sure to include a link back to original words or article. Otherwise it's copyright infringement.

You can talk about other distros here, but no MX bashing. You can email the developers of MX if you just want to say you dislike or hate MX.
Post Reply
Message
Author
User avatar
soundtech
Forum Novice
Forum  Novice
Posts: 54
Joined: Thu Jul 13, 2006 5:52 pm

Flash Security Update

#1 Post by soundtech » Wed Feb 05, 2014 12:59 pm

There is a current security concern with flash player on all platforms.

http://arstechnica.com/security/2014/02 ... ay-threat/

Adobe recommends Linux users to update to version 11.2.202.336.
I was running 11.2.202.275, so I figured it was time to update. I ran the update script as root:

Code: Select all

update-flashplugin-nonfree -iv
I checked my version, and am now running 11.2.202.335. This version is vulnerable to the latest exploit. I was able to download .336 from Adobe's website, but I'm not sure how to install it manually, or even if I should - would a manual install have an undesirable impact on the update script?

Or will 11.2.202.336 make it to the update script's repository soon? Thanks.

User avatar
Nix Hard
Forum Regular
Forum Regular
Posts: 203
Joined: Wed Jul 12, 2006 7:17 am

Re: Flash Security Update

#2 Post by Nix Hard » Thu Feb 13, 2014 4:34 pm

Hey Soundtech, good on you for raising this Adobe Zero-Day Attack issue. [42 views only :confused: ] (429 views now Saturday 15 February 2014 09:51 NZ time) ya :happy:

Just a shame everyone is too busy playing in the MX sandpit. :bagoverhead:

I just read the news on this and have updated to the 11.2.202.336 version of flash myself today.

I followed the instruction here; Out of Band Update for Flash Player
http://forum.mepiscommunity.org/viewtop ... 80&t=34300

Code: Select all

su -c 'update-flashplugin-nonfree --install --verbose'
Cheers NH

Yell-out to any of the Administrators, Global moderators, Moderators, it may be worth while sticking the Adobe Flash update news to the front page for a week or four.
Last edited by Nix Hard on Fri Feb 14, 2014 4:52 pm, edited 2 times in total.
Some bugs are beauts...
MEPIS Radio; it rocks
MEPIS Documentation Project;-- get MEPIS wise

User avatar
kmathern
Forum Veteran
Forum Veteran
Posts: 9327
Joined: Wed Jul 12, 2006 2:26 pm

Re: Flash Security Update

#3 Post by kmathern » Thu Feb 13, 2014 4:46 pm

Nix Hard wrote:Hey Soundtech, good on you for raising this Adobe Zero-Day Attack issue. [42 views only :confused: ]

Just a shame everyone is too busy playing in the MX sandpit. :bagoverhead:

I just read the news on this and have updated to the 11.2.202.336 version ...
It wasn't a reply in this thread, but I did mention the update-flashplugin-nonfree updater about a week ago in this topic: http://forum.mepiscommunity.org/viewtop ... 49#p329449

And a couple days ago Stevo mentioned about having a cron job to keep the flashplugin updated: http://forum.mepiscommunity.org/viewtop ... 95#p330295, also using the update-flashplugin-nonfree updater.

User avatar
lucky9
Forum Veteran
Forum Veteran
Posts: 11380
Joined: Wed Jul 12, 2006 5:54 am

Re: Flash Security Update

#4 Post by lucky9 » Thu Feb 13, 2014 5:02 pm

And I upgraded after that mention a week ago. It did take a day or two to be able to get the x.336 version for Linux.
Yes, even I am dishonest. Not in many ways, but in some. Forty-one, I think it is.
--Mark Twain

User avatar
Nix Hard
Forum Regular
Forum Regular
Posts: 203
Joined: Wed Jul 12, 2006 7:17 am

Re: Flash Security Update

#5 Post by Nix Hard » Thu Feb 13, 2014 5:09 pm

Thanks kmathern,
that's good info on the script, going to add that to my anacron job/cron list now.
Such a script should be in any and all OS releases, until flash just goes away.

I do think it is valid to have a banner post on the front page of MCF for at least 4 weeks.

This is a nasty piece of coding.
One quick update or uninstall fixes it.

Cheers NH
Some bugs are beauts...
MEPIS Radio; it rocks
MEPIS Documentation Project;-- get MEPIS wise

User avatar
richb
Administrator
Posts: 17098
Joined: Wed Jul 12, 2006 2:17 pm

Re: Flash Security Update

#6 Post by richb » Thu Feb 13, 2014 5:19 pm

I have made it a Global Announcement. It will be at the top of every forum on the Board. I chose not to put it in Site Announcements.
Forum Rules
Guide - How to Ask for Help

Rich
SSD Production: MX 17.1
AMD A8 7600 FM2+ CPU R7 Graphics, 16 GIG Mem. Three Samsung EVO SSD's 250 GB, 350 GB HD

User avatar
Nix Hard
Forum Regular
Forum Regular
Posts: 203
Joined: Wed Jul 12, 2006 7:17 am

Re: Flash Security Update

#7 Post by Nix Hard » Thu Feb 13, 2014 5:33 pm

richb wrote:I have made it a Global Announcement. It will be at the top of every forum on the Board. I chose not to put it in Site Announcements.
Thank you Rich
Some bugs are beauts...
MEPIS Radio; it rocks
MEPIS Documentation Project;-- get MEPIS wise

User avatar
Nix Hard
Forum Regular
Forum Regular
Posts: 203
Joined: Wed Jul 12, 2006 7:17 am

Re: Flash Security Update

#8 Post by Nix Hard » Thu Feb 13, 2014 5:45 pm

Nix Hard wrote:
richb wrote:I have made it a Global Announcement. It will be at the top of every forum on the Board. I chose not to put it in Site Announcements.
Thank you Rich
Just had a look at that Rich and it "kind-of" gets lost in the mire mate.

What's with not sticking it in plain sight on the front door for all to see easily.

Joe Blow average is not going to notice this news where it sits at the moment.

This has slipped under my radar for at least 8 days.
That's 8 days too long.

Cheers NH
Some bugs are beauts...
MEPIS Radio; it rocks
MEPIS Documentation Project;-- get MEPIS wise

User avatar
GuiGuy
Forum Guide
Forum Guide
Posts: 1429
Joined: Sun Dec 16, 2007 6:29 pm

Point of Order.

#9 Post by GuiGuy » Thu Feb 13, 2014 8:35 pm

When I try to thank any post in this thread, I get the message "invalid thank".
Why?

User avatar
lucky9
Forum Veteran
Forum Veteran
Posts: 11380
Joined: Wed Jul 12, 2006 5:54 am

Re: Flash Security Update

#10 Post by lucky9 » Thu Feb 13, 2014 9:00 pm

non-Moderator comment: Have you been a good boy?
Yes, even I am dishonest. Not in many ways, but in some. Forty-one, I think it is.
--Mark Twain

Post Reply

Return to “General”