lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sun, 01 Aug 2010 10:53:50 -0700
From:	"Justin P. Mattock" <justinmattock@...il.com>
To:	Boaz Harrosh <bharrosh@...asas.com>
CC:	Theodore Ts'o <tytso@....edu>, linux-kernel@...r.kernel.org,
	ksummit-2010-discuss@...ts.linux-foundation.org
Subject: Re: PSA: Please update your flash plugin!

On 08/01/2010 07:18 AM, Boaz Harrosh wrote:
> On 07/30/2010 07:05 AM, Justin P. Mattock wrote:
>> On 07/29/2010 07:50 PM, Theodore Ts'o wrote:
>>> This is a public service announcement --- if you are running Flash 10.0,
>>> make sure you upgrade to 10.1.  Flash 10.0 has a horrible security
>>> vulnerability:
>>>
>>> 	http://www.adobe.com/support/security/bulletins/apsb10-14.html
>>>
>>> I have Google Analytics running on the ksummit2010 website, and in
>>> addition to discovering that 59% used Firefox and 25% were using Chrome,
>>> and that the most popular screen resolution was 1280x800 followed by
>>> 1280x1024, etc. --- I also was able to find that while 59% were running
>>> Flash 10.1, over 40% of the visitors to the ksummit2010 web site were
>>> running a vulnerable version of Adobe flash, which has a remote code
>>> execution vulerability.
>>>
>>> If you were visiting that site from your development system, which you
>>> use to push changes to a subsystem maintianer, or even Linus, hopefully
>>> I don't need to tell you what a bad idea it is to leave yourself open
>>> and vulnerable like this.  (This particular security problem with Flash
>>> has been announced for almost 2 months at this point!)
>>>
>>> 						- Ted
>>> --
>>> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
>>> the body of a message to majordomo@...r.kernel.org
>>> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>>> Please read the FAQ at  http://www.tux.org/lkml/
>>>
>>
>>
>> biggest problem here is they havn't updated their x86_64(pure64) version
>> yet. hopefully hey release an update soon.
>>
>> Justin P. Mattock
>> --
>
> Here too. How do I run (any) Flash-10.1 on a 64bit system (say FC12) without
> actually reverting to a 32bit browser? Do I still get to install half of my
> system as 32bit duplicates?
>
> Boaz
>


right now I decided to just run the 32bit flash through qemu-kvm either 
a windows install or an x86_32 linux distro this way I can watch hulu 
stream TV etc..

Justin P. Mattock
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ