Hi Philippe, * Philippe Cloutier <[EMAIL PROTECTED]> [2007-12-20 14:34]: > should someone who already has Flash 9.0.31 installed from stable's > flashplugin-nonfree uninstall it due to security issues? I only see one > important security bug, CVE-2007-5275.
This is the wrong mailing list, I think [EMAIL PROTECTED] would be appropriate. Anyway, CVE-2007-5275 is not the only issue which was fixed recently, have a look at: http://www.adobe.com/support/security/bulletins/apsb07-20.html The update fixes: CVE-2007-6242, CVE-2007-4768, CVE-2007-5275, CVE-2007-6243, CVE-2007-6244, CVE-2007-6245, CVE-2007-4324, CVE-2007-6246 and CVE-2007-5476. Since this fixes also vulnerabilities leading to code execution it is at least not secure to stay with this version. However I think reinstalling the package should solve this as the package just downloads the install_flash_player_9_linux.tar.gz tarball from the adobe site and the name did not change after the security update. Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpnhEqqw7oP0.pgp
Description: PGP signature