Flash plugin 0-day vulnerability in the wild

Ahmad Samir ahmadsamir3891 at gmail.com
Mon Jan 26 13:12:45 UTC 2015


On 26 January 2015 at 15:03, drago01 <drago01 at gmail.com> wrote:
> On Mon, Jan 26, 2015 at 2:01 PM, Ahmad Samir <ahmadsamir3891 at gmail.com> wrote:
>> On 26 January 2015 at 14:55, Martin Stransky <stransky at redhat.com> wrote:
>>>
>>>
>>> Where have you got that? Official Adobe site [1] says the latest is
>>> 11.2.202.438 and flash download page [2] gives me the same. I see the Ubuntu
>>> update with .440 package but what's that?
>>>
>>> ma.
>>>
>>> [1] http://www.adobe.com/software/flash/about/
>>> [2] https://get.adobe.com/flashplayer/
>>
>> flash-plugin-11.2.202.440 is available in the yum repo hosted by
>> Adobe. But on [1] it doesn't say anything about the issue being fixed
>> for Linux.
>
> Sure it does "Adobe Flash Player 11.2.202.438 and earlier versions for
> Linux" ... 440 > 438 ...

From https://helpx.adobe.com/security/products/flash-player/apsa15-01.html:

"UPDATE (January 24): Users who have enabled auto-update for the Flash
Player desktop runtime will be receiving version 16.0.0.296 beginning
on January 24. This version includes a fix for CVE-2015-0311"

I was thinking of something along those lines for the Linux version too.

