Accepted flashplugin-nonfree 7.0.68~ubuntu1 (source)

[Daniel Robitaille]

On 9/14/06, Thilo Six <T.Six at gmx.de> wrote:
>
> but i am not talking about an bug as such.
> I am asking how we will handle this security issue in an comfortable way
> for our users.
> This is an administrative question not a technical one (in first place).

I personally wish this upgrade would makes its way into Dapper, since
I use that version on my home desktop.   But this is a multiverse
package, thus not officially supported by Ubuntu developers.  I´ll
probably simply download the plugin myself, and install it manually in
my firefox profile in my home directory and be done with it instead of
waiting for a version that may or may come soon.

Looking at the versions available in previous (and still supported)
versions of Ubuntu, Hoary is still at 7.0.25.  Breezy has been
upgraded to a version which I believes contains 7.0.63 (but I´m not
100% sure due to the the version number of the package).  And Dapper
is currently at 7.0.63. Only Edgy got that 7.0.68 version.
So in practice, Ubuntu users have not always had access to the latest
version of the flash plugin coming from the flashplugin-nonfree
package, even if it had known security issues. I guess it is up to the
MOTU team to provide this updates to the community  in a similar
fashion to any other package in universe/multiverse that may have
security issues.  As a user, that´s the risk to have to pay to install
a package not coming from main repository.

By the way, there is a bug open on this:
https://launchpad.net/distros/ubuntu/+source/flashplugin-nonfree/+bug/60256


-- 
Daniel Robitaille