Main menu:

Sponsoring

Please consider a small donation:

 

 

Or you can donate bitcoin:

 

Thanks to TekLinks in Birmingham, AL, for providing colocation and bandwidth.

Page Rank

Fame

FOSS Force Best Blog--2013 Award

Recent posts

Recent comments

About this blog

I am Eric Hameleers, and this is where I think out loud.
More about me.

Search

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 406 other subscribers

My Favourites

Slackware

Calendar

November 2018
M T W T F S S
« Oct    
 1234
567891011
12131415161718
19202122232425
2627282930  

RSS Alien's Slackware packages

RSS Alien's unofficial KDE Slackware packages

RSS Alien's multilib packages

RSS Slackware64-current

RSS SBo

Meta

July ’15 Security fixes for Adobe’s Flash web plugins (extra critical)

adobe_flash_8s600x600_2The recent hack of the “Hacking Team” -a company that makes money from creating spyware for repressive governments –  has uncovered evidence that they have been exploiting a yet unknown security hole which is present in all Adobe Flash players since version 7.  Obviously based on the  information obtained from the public dump of Hacking Team’s 400 GB Intranet data, there’s a Zero-Day exploit out there in the wild that is actively targeting computers (thanks mancha for the link). Adobe have released patched Flash player plugins today that fix this security hole and you are all urgently advised to update your flash player packages.

For your information: The updated Slackware package for chromium-pepperflash-plugin has version 18.0.0.204. The updated flashplayer-plugin has version 11.2.202.481. The Chromium plugin was taken from the Google Chrome 43.0.2357.132 RPM which was released yesterday. New packages for my own chromium package based on the sources of that same version are underway, expect those tomorrow.

Download locations for the Flash plugins:

If you are using the slackpkg+ extension for slackpkg, then you just run “slackpkg update && slackpkg update flash”. Alternatively, you can subscribe to my repository RSS feed to stay informed of any updates.

Eric

Comments

Comment from cwizardone
Posted: July 8, 2015 at 14:55

Thank you!
Greatly appreciated!

Comment from Jen
Posted: July 8, 2015 at 15:47

Am still without my morning coffee, so aren’t as sharp as I would be. 18.0.0.204 is the fixed flash, correct?

Comment from alienbob
Posted: July 8, 2015 at 15:52

Jen, 18.0.0.204 is the version of the Chromium PepperFlash plugin (PPAPI). The NPAPI plugin for Mozilla-compatible browsers is version 11.2.202.481. Just as stated in the article.

Comment from Jen
Posted: July 8, 2015 at 16:02

Cool thanks. (And have obtained coffee)

Pingback from Links 9/7/2015: LinuxIT Sold, Alpine Linux 3.2.1 Released | Techrights
Posted: July 9, 2015 at 14:14

[…] July ’15 Security fixes for Adobe’s Flash web plugins (extra critical) […]

Comment from darietto
Posted: July 11, 2015 at 23:50

still don’t understand all these Flash updates
don’t get me wrong, i know it is all about security, but how is it possible that a single piece of software is so buggy to need a fix every now and then?

Comment from Ed
Posted: July 14, 2015 at 17:39

I’m running flashplayer-plugin-11.2.202.481-x86_64-1alien, and a lot of websites are still telling me that there “This plugin has security vulnerabilities”. This is on a fresh install of -current.

Comment from alienbob
Posted: July 14, 2015 at 18:27

Well, yes. Adobe has not released a newer version than 11.2.202.481 for Linux yet, but that one has been flagged as vulnerable in today’s security bulletin https://helpx.adobe.com/security/products/flash-player/apsa15-04.html

I have uploaded a fixed version for the chromium-pepperflash plugin package.

If you insist on using Flash then I advise you to install Chromium with that plugin, or Chrome.

Comment from Ed
Posted: July 15, 2015 at 06:20

Oh, ok. I just read that they are continuing to find 0day exploits in flash, up to 3 as I have seen so far, and some are actually calling for flash to end.

What does that mean for us FF/flash users?

Comment from Daniel
Posted: July 15, 2015 at 10:53

Ed, this is the reason you are getting the message:

http://www.bbc.co.uk/news/technology-33520935

Comment from Johann
Posted: July 16, 2015 at 00:43

It seems there’s a wrapper to use PPAPI in NPAPI browsers…

https://github.com/i-rinat/freshplayerplugin

Anyone already tested this for some time???

Regards

Write a comment