Accepted flashplugin-nonfree 7.0.68~ubuntu1 (source)
Matt Zimmerman
mdz at ubuntu.com
Fri Sep 15 19:08:28 BST 2006
On Thu, Sep 14, 2006 at 11:51:36PM -0700, Daniel Robitaille wrote:
> On 9/14/06, Thilo Six <T.Six at gmx.de> wrote:
> >
> > but i am not talking about an bug as such.
> > I am asking how we will handle this security issue in an comfortable way
> > for our users.
> > This is an administrative question not a technical one (in first place).
>
> I personally wish this upgrade would makes its way into Dapper, since
> I use that version on my home desktop. But this is a multiverse
> package, thus not officially supported by Ubuntu developers. I´ll
> probably simply download the plugin myself, and install it manually in
> my firefox profile in my home directory and be done with it instead of
> waiting for a version that may or may come soon.
>
> Looking at the versions available in previous (and still supported)
> versions of Ubuntu, Hoary is still at 7.0.25. Breezy has been
> upgraded to a version which I believes contains 7.0.63 (but I´m not
> 100% sure due to the the version number of the package). And Dapper
> is currently at 7.0.63. Only Edgy got that 7.0.68 version.
> So in practice, Ubuntu users have not always had access to the latest
> version of the flash plugin coming from the flashplugin-nonfree
> package, even if it had known security issues. I guess it is up to the
> MOTU team to provide this updates to the community in a similar
> fashion to any other package in universe/multiverse that may have
> security issues. As a user, that´s the risk to have to pay to install
> a package not coming from main repository.
FYI, https://wiki.ubuntu.com/SecurityUpdateProcedures contains information about
how security updates are handled, including those for universe and
multiverse.
--
- mdz
More information about the ubuntu-devel
mailing list