My thoughts on Slackware, life and everything

And finally, Adobe’s afterthought

adobe_flash_8s600x600_2 Adobe must think Linux users are a bunch of retards. It took them several days to release an update for their legacy Flash Player plugin for Linux – took them so long actually that Mozilla decided to block Flash in their Firefox browser. Now that’s a statement.

Finally, here are the Slackware packages for flashplayer-plugin version 11.2.202.491. This version is a fix for several new zero-day exploits actively used on-line after the code leaked from the “Hacking Team” break-in, so it is urgently advised to upgrade if you are still using Flash. And even then, it appears that another zero-day exploit has been uncovered, which Adobe acknowledges in their security bulletin but for which the latest Flash release does not offer protection.

If you wonder why I don’t mention that I also created packages for the Chromium PepperFlash plugin, that’s because I released that two days ago already!

Download locations for the Flash plugins:

Eric

9 Comments

  1. Jen

    Wish I could say I’m surprised. When all of this started, I disabled flash. Can’t say I miss it much. Read: at all.

  2. Deny Dias

    Eric, can I ask you why you keep releasing flash player updates? Don’t you feel the time to discontinue them has arrived?

  3. Helios

    I have installed freshplayerplugin, which allows to use pepperflash in firefox (I had to install also many dependencies). And it works very well. Do you plan to replace flashplayer with freshplayerplugin in the future ?

  4. cv.kurnia indah

    adobe flash on firefox sometimes error, but maybe crash

  5. alienbob

    I am not planning on replacing flashplayer-plugin with freshplayer. I think you should switch to Chromium anyway for a better Flash experience.

    I will not stop updating the flashplayer-plugin – unless there are no further releases by Adobe of course. Enough people still need flash, on company networks for instance.

    Ultimately it is up to you to decide that you no longer want or need to use Flash, but that does not withhold me from creating packages.

  6. fabio

    Deny Dias: apply cold water directly to the burn and everything should be ok.

  7. me

    When i looked at the security bulletin i can’t see that this version is still effected.
    ” Adobe Flash Player Extended Support Release version 11.2.202.481 and earlier 11.x versions for Linux” and you packaged 11.2.202.491.
    Did i miss something?

  8. alienbob

    At the time of writing, Adobe had not acknowledged that they had also added a fix for CVE-2015-5123 to their latest Flash player plugins, but in their Security Bulletin https://helpx.adobe.com/security/products/flash-player/apsb15-18.html they explicitly state:
    “These updates resolve a memory corruption vulnerability that could lead to code execution (CVE-2015-5123)”

    So all is well in the end. The waiting is for the next vulnerability to be uncovered 😉

  9. me

    With 400GB data i guess we will see a lot more vulnerabilities face the light.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

© 2024 Alien Pastures

Theme by Anders NorenUp ↑