[flex-mojos] Re: Flex Security Issue: Patched SDK Availability in Maven Repository?

Mon, 05 Dec 2011 05:47:35 -0800 

Is that possible to deploy flex 4.6 as it doesn't have this problem ?

On Dec 5, 1:18 pm, Marvin Froeder <[email protected]> wrote:
> 13 FDKs to be deployed...
> If you have this Flex SDK version installed...  Then replace it with
> this fixed version....
> 3.0                                                                           
>   3.0A
> 3.0.1                                                                   3.0.1A
> 3.1                                                                           
>   3.1A
> 3.2                                                                           
>   3.2A
> 3.3                                                                           
>   3.3A
> 3.4                                                                           
>   3.4A
> 3.4.1                                                                   3.4.1A
> 3.5 or 3.5A                                                             3.5B
> 3.6                                                                           
>   3.6A
> 4.0                                                                           
>   4.0A
> 4.1                                                                           
>   4.1A
> 4.5                                                                           
>   4.5A
> 4.5.1                                                                   4.5.1A
>
> If I just blind throw then to server w/o any concern if all files are
> there or if it works at all that would take 3 days working full time
> on this.  I don't have this kind of time.
>
> VELO
>
> On Dec 5, 11:12 am, Christofer Dutz <[email protected]>
> wrote:
>
>
>
>
>
>
>
> > I doubt Adobe will republisch all existing Flex SDKs. I bet they will
> > simply release a newer version that contains the fix. Wouldn't it be
> > enough just to deploy that one fixed version?
>
> > 2011/12/5 Marvin Froeder <[email protected]>:
>
> > > Ow dear...
>
> > > Do not expect that happening anytime soon.  It simply mean redeploying
> > > ALL FDKs already deployed and I don't have time to do that for now.
>
> > > On Dec 5, 10:42 am, Carsten Schlipf <[email protected]> wrote:
> > >> Adobe has published a security 
> > >> bulletin:http://kb2.adobe.com/cps/915/cpsid_91544.html
>
> > >> *Due to a vulnerability in the Flex SDK, many Flex applications are
> > >> vulnerable to cross-site scripting (XSS) attacks, and must be patched in
> > >> order to protect user data.*
>
> > >> When will updated SDKs be available in the repository?
>
> > > --
> > > You received this message because you are subscribed to the Google
> > > Groups "Flex Mojos" group.
> > > To post to this group, send email to [email protected]
> > > To unsubscribe from this group, send email to
> > > [email protected]
> > > For more options, visit this group at
> > >http://groups.google.com/group/flex-mojos
>
> > >http://flexmojos.sonatype.org/

-- 
You received this message because you are subscribed to the Google
Groups "Flex Mojos" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/flex-mojos

http://flexmojos.sonatype.org/

Reply via email to