Chris Smart: >> hmm... The Fedora flash page <http://fedoraproject.org/wiki/Flash> >> suggests nspluginwrapper for 32-bit systems. That's odd. (Written >> by security people?) >> > > Adobe canned the native 64bit plugin which is now highly vulnerable > (and won't be fixed) I had used that highly vulnerable 64-bit plugin for 3 months after the vulnerability was reported in last June. Nothing bad happened to me. Actually no exploit against linux system was reported. That's the reality of the "highly vulnerable". I won't worry about them until I start hearing actual exploits happen to linux users. And I don't see that coming. The specific vulnerability you are referring to has already been fixed. It is CVE-2010-1297 and it affects 10.0.45.2 and earlier versions. The current preview version is 10.2.161.23. Another zero-day vulnerability (CVE-2010-2884) has also been fixed. http://labs.adobe.com/technologies/flashplayer10/ | Recent Updates | | September 27, 2010 — Flash Player "Square" has been updated to | include the security enhancements described in Security Bulletin | APSB10-22. In addition, 32-bit content debuggers are now available | in this preview. The "Zero-day" sounds scary, but it's for WINDOWS (so far). > and is probably why people recommend to use the 32bit version I was talking about nspluginwrapper being used on 32-bit systems. Quote http://fedoraproject.org/wiki/Flash#On_32-bit_Fedora | On 32-bit Fedora | | After completing the Adobe repository configuration, run the | following command to install the Flash plugin and ensure sound is | enabled: | | su -c 'yum install nspluginwrapper alsa-plugins-pulseaudio flash-plugin' | | You may see messages indicating that some of these packages are | already installed. This is not a problem. (In particular, a default | graphical install of 32-bit Fedora already includes both | nspluginwrapper and alsa-plugins-pulseaudio.) -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
