20140312 keeping promises patched flash plugin for linux - plembo/onemoretech GitHub Wiki

title: Keeping promises: patched flash-plugin for Linux link: https://onemoretech.wordpress.com/2014/03/12/keeping-promises-patched-flash-plugin-for-linux/ author: phil2nc description: post_id: 7103 created: 2014/03/12 08:55:45 created_gmt: 2014/03/12 12:55:45 comment_status: closed post_name: keeping-promises-patched-flash-plugin-for-linux status: publish post_type: post

Keeping promises: patched flash-plugin for Linux

Adobe has release patched versions of its Flash software for Windows, Mac and Linux in response to a security hole found in the product. If you're a Linux user who has Flash installed, check out below for how to get it. An Adobe Security Bulletin released just yesterday announces the availability of patched versions of its Flash software for Windows, Mac and Linux. This is in keeping with the company's promise to continue issuing security updates even though further development of the plugin on Linux has ceased.

Users of Adobe Flash Player 11.2.202.341 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.346

The patches address 2 separate CVEs:

These updates resolve a vulnerability that could be used to bypass the same origin policy (CVE-2014-0503). These updates resolve a vulnerability that could be used to read the contents of the clipboard (CVE-2014-0504).

Linux users can obtain the updates by going to http://get.adobe.com/flashplayer, and downloading the appropriate package for their distribution. I had previous installed Adobe's adobe-linux-x86_64.repo under /etc/yum.repos.d on all my machines. As a result I only need to do a "yum update" to have the update installed. Here's the text of the yum repo configuration:

name=Adobe Systems Incorporated
baseurl=http://linuxdownload.adobe.com/linux/x86_64/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-adobe-linux

It is highly recommended that the package be used for installing it for a first time install of the repo, as it will automatically import Adobe's GPG key. If you happen to have any Windows machines around this might be a good time to review whether or not automatic updates should be turned on. They should.