Flashplugin-nonfree

NoOp glgxg at sbcglobal.net
Thu Dec 18 04:08:25 UTC 2008 

On 12/17/2008 05:03 PM, Mario Vukelic wrote:
> On Wed, 2008-12-17 at 10:20 -0800, NoOp wrote:
>> Ah, then you probably mean the standard 'partner' adobe-flashplugin as
>> medibuntu doesn't have flash in it's repositories:
>> http://packages.medibuntu.org/pool/non-free/a/
>> but is in the partner repos:
>> http://archive.canonical.com/ubuntu/pool/partner/a/
> 
> My bad, I used outdated info. I didn't even known about
> adobe-flashplugin, I'm using flashplugin-nonfree from multiverse, which
> downloads and installs from adobe.com.
> 
>> As for 'security updates'... I'd have to disagree that the repos are on
>> top of things. Example: SeaMonkey is at 1.1.14 and the version provided
>> in the repositories is seriously out of date with regards to security:
> 
> Well, seamonkey is in universe, which provides no guarantees.

OK. I'll give you that as well :-) The issue with SeaMonkey (IceApe in
Debian terms) goes back to a long disputed copyright naming issue that
has been resolved for quite some time. However, given that there is an
Ubuntu sanctioned repo:

https://launchpad.net/ubuntu/+source/seamonkey
http://packages.ubuntu.com/hardy/seamonkey-browser

That is "maintained" by Ubuntu folks:
Maintainer:

    * Ubuntu MOTU Developers

https://launchpad.net/ubuntu/+source/seamonkey/+publishinghistory
 Latest release:  1.1.13+nobinonly-0ubuntu1
Uploaded By:  Alexander Sack
Maintainer:  Ubuntu-Mozilla-Team
Maintainer defaults:*
Urgency: Low Urgency
Component: universe
Architectures: any
* actual publishing details may vary in this distribution, these are
just the package defaults.
Initially uploaded to:
Ubuntu Jaunty

Who knows? The money flows with Firefox and Thunderbird (they are
Mozilla Corporation w/paid developers - mostly funded by Google [1]) and
does not with SeaMonkey (they are Mozilla Foundation).

> 
> Anyway, I did not mean to imply that the repos are always perfect, but
> they are much more likely to update packages than I am to regularly
> check flash vulnerabilities and update manually.
> 
> 

No worries - now that it is in the partner repo's then with luck it will
be updated on a regular basis.

[1]  You know - the same Google that brands the search box in
help.ubuntu.com (https://help.ubuntu.com/search.html)... you know the
one that pops up in the upper right hand corner and shows "Google Custom
Search":
  <script type="text/javascript"
src="http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en"></script>
and causes https warnings on proper browsers for having a paged with
mixed https and http links because the
https://help.ubuntu.com/search.html links to an insecure
http://www.google.com/coop/cse/brand?form=cse-search-box&lang=en

  I think it would be a pretty cool to have the link changed to Yahoo,
or even better to http://www.msn.com/. I mean, heck, if the branding
link goes to the highest bidder why not? Anyway, that's way OT, but I
thought that I'd at least point that out as I've sent requests to the
appropriate folks at Ubuntu regarding the Google branded non-https links
in the pages and have yet to receive any reply.

More information about the ubuntu-users mailing list