On Fri, 7 Oct 2011, Vladimir Mosgalin wrote:
On 2011.10.07 at 01:34:38 +0200, Dag Wieers wrote next:
Evidently, a number of stock end-user applications, such as
Firefox, Thunderbird, and the like, have security holes as well as
bugs, and thus need regularly kept current.
Do you have any proof of security problems ? Was there a security
advisory for this release ?
It's not as simple as that.
There was no supported version of 64-bit flash 10 plugin.
Information about security problems in betas and RCs of flash plugins
aren't displayed on that page that you saw - it does, however, appear in
news from adobe and in adobe blogs; but they don't add them to list of
problems in final releases.
I am nog arguing about that. But people using 64bit flash plugins did not
have any security for months either. I personally don't care about
security for people that don't care about security :)
But that said, now that an official 64bit release is out, we have it too.
Btw, 64-bit flash 10 plugin was even in more sorry state: there were
lot of known security problems for it, but adobe stopped developing it
and latest known (beta) version was said to be very vulnerable.
Again, no arguing against that.
If you look at the mail(s) I was replying too, I was answering to the
general view that:
- Not having the latest flash-plugin is a security problem
- Red Hat is failing to provide a secure flash-plugin
Both statements are false, unless you apply them (only) to already
insecure situations (eg. 64bit beta). Which is more of a mental excercise
anyway.
--
-- dag wieers, [email protected], http://dag.wieers.com/
-- dagit linux solutions, [email protected], http://dagit.net/
[Any errors in spelling, tact or fact are transmission errors]
