Warning: Adobe Flash vulnerability
Sav vas
vicedar at gmail.com
Sat May 31 20:36:17 BST 2008
On Sat, May 31, 2008 at 7:34 PM, Theodotos Andreou wrote:
> Still no solution from adobe! Another good point on why FOSS software is
> better. It makes projects like gnash and swfdec make much more sense. I
> hope they release a usable plug-in soon.
>
They've looked the problem again, the root of the problem seems to be
an older vulnerability:
Still not sure if it's a false alarm or not, but it's better to be
safe than sorry ;)
http://blogs.adobe.com/psirt/2008/05/potential_flash_player_issue.html
http://www.securityfocus.com/bid/29386
Quoting: "NOTE: Further research indicates that this vulnerability is
the same issue described in BID 28695 (Adobe Flash Player Multimedia
File Remote Buffer Overflow Vulnerability), so this BID is being
retired. "
Possible root of the problem:
http://www.securityfocus.com/bid/28695
Quoting: "Adobe Flash Player 9.0.115.0 and earlier versions are affected."
but all in all, theo's right.. if it was open source it would've been
easier to release a patch after being thoroughly looked through by
thousands of free software developers :)
More information about the Ubuntu-cy
mailing list