Re: flashplugin-nonfree and latest Flash security updates
On Wed, 2016-08-03 at 20:43 +0200, Rob van der Putten wrote: > Hi there > > > On 03/08/16 11:55, Paul Wise wrote: > > > > > > > I'm not part of the team, > > Me neither. > > > > > but I do know that contrib and non-free are > > not supported by the Debian security team, so they are unlikely to > > make any fixes nor announcements. > > > > https://www.debian.org/security/faq#contrib > > You can download the plugin manually. For i396 it's; > http://fpdownload.macromedia.com/get/flashplayer/pdc/11.2.202.429/install_flash_player_11_linux.i3 > 86.tar.gz > > Replace '11.2.202.429' with the version you want. And maybe 'http' with > 'https'. > > > > > I'd encourage everyone reading this list to use this opportunity > > transition away from using the Adobe Flash player. Most of the web > > should support standard HTML5 by now, various folks have been pushing > > to get rid of Flash for a long time. > > I don't have Flash on my new Jessie box. I don't miss it. > > > Regards, > Rob > > > Only thing legitimate that I've seen that still depends upon flash is the new flash based vcenter for managing ESXi hosts. Why they went with flash is beyond me, but it doesn't work with this version of flash anyhow, I've had to install it through the browser-plugin-freshplayer-pepperflash package.
Re: flash plugin from ubuntu (was: flashplugin-nonfree and latest Flash security updates)
On Mittwoch, 3. August 2016 22:55:25 CEST Luedtke, Nicholas (HPE Linux Security) wrote: > This sounds like a bad idea and if done needs to be accompanied by a lot of > documentation. Why? It's certainly less of a security hazard than the current flashplugin- nonfree package. > > -Nicholas > > From: Holger Levsen > Sent: Wednesday, August 3, 2016 4:03:32 PM > To: debian-security@lists.debian.org > Cc: Bart Martens > Subject: Re: flash plugin from ubuntu (was: flashplugin-nonfree and latest > Flash security updates) > On Wed, Aug 03, 2016 at 10:46:33PM +0200, Stefan Fritsch wrote: > > Maybe the flashplugin-nonfree package should even be replaced by a package > > that installs the ubuntu archive signing key, sets up the sources.list > > line, and tweaks the unattended-updates config to allow automatic updates > > from that repo. > please, no. > > > -- > cheers, > Holger
Re: flashplugin-nonfree and latest Flash security updates
On Thu, Aug 04, 2016 at 02:14:55AM +, Nick Boyce wrote: > > Just don't use that crap. With the amount of zero days in Flash > > you're subject to serious vulnerabilities even with an up-to-date > > plugin. > [...] Also I > believe there are quite a few corporate intranet use-cases that *depend* > on Flash for corporate web-apps (at least according to traffic on the > Enterprise Firefox list). plus there are a lot of school + education related websites & other material, including exams, which need flash… I estimate it will take some years to weed those out. -- cheers, Holger signature.asc Description: Digital signature
RE: flashplugin-nonfree and latest Flash security updates
On Wed, 3 Aug 2016 22:53:28 + Bart Martens wrote: > On Mon, Aug 01, 2016 at 08:25:01AM -0700, Darren S. wrote: [...] > > 'update-flashplugin-nonfree --status` shows a newer release > > of the plugin upstream. > > > > > > options : --verbose --status -- > > temporary directory: /tmp/flashplugin-nonfree.65hpQUuxtV > > importing public key ... > > selected action = --status > > Flash Player version installed on this system : 11.2.202.626 > > Flash Player version available on upstream site: 22.0.0.209 > > That is now 11.2.202.632. You may need to delete > /var/cache/flashplugin-nonfree/get-upstream-version.pl and try again. Thanks for sorting it out Bart. FWIW, in my throwaway BBC-news-reading VM, which is still Debian Wheezy, I did indeed have to delete that cached script, after which the update worked perfectly and the Flash player is working normally. Cheers Nick -- The two "sides" in the systemd debate are (a) the one that has cursory knowledge of the evolution of other operating systems over the past two decades, and (b) the side that's basically 90's Linux-Amish. ~~ Slashdot comment
Re: flash plugin from ubuntu (was: flashplugin-nonfree and latest Flash security updates)
This sounds like a bad idea and if done needs to be accompanied by a lot of documentation. -Nicholas From: Holger Levsen Sent: Wednesday, August 3, 2016 4:03:32 PM To: debian-security@lists.debian.org Cc: Bart Martens Subject: Re: flash plugin from ubuntu (was: flashplugin-nonfree and latest Flash security updates) On Wed, Aug 03, 2016 at 10:46:33PM +0200, Stefan Fritsch wrote: > Maybe the flashplugin-nonfree package should even be replaced by a package > that > installs the ubuntu archive signing key, sets up the sources.list line, and > tweaks the unattended-updates config to allow automatic updates from that > repo. please, no. -- cheers, Holger
RE: flashplugin-nonfree and latest Flash security updates
On Wed, 3 Aug 2016 20:47:45 +0200 Moritz Mühlenhoff wrote: > Nick Boyce schrieb: > > assuming Bart is MIA for some reason, is it possible > > for the Security Team to either fix the update, or to make an > > announcement that all Debian users should stop using the Adobe > > player immediately ? > > No, non-free/contrib is not supported by the security team. Okay - thanks Moritz. > Just don't use that crap. With the amount of zero days in Flash > you're subject to serious vulnerabilities even with an up-to-date > plugin. Well you're right of course, though as I said in reply to Paul Wise there is still a use-case with no alternative at the BBC News website, and if a throwaway VM is used then the risk is mostly mitigated. Also I believe there are quite a few corporate intranet use-cases that *depend* on Flash for corporate web-apps (at least according to traffic on the Enterprise Firefox list). Cheers, Nick -- In a world where Henry Kissinger wins the Nobel Peace Prize, there is no need for satire. - Tom Lehrer
RE: flashplugin-nonfree and latest Flash security updates
On Wed, 3 Aug 2016 17:55:43 +0800 Paul Wise wrote: > On Wed, Aug 3, 2016 at 8:29 AM, Nick Boyce wrote: [snip] > > I realise the nonfree plugin is not really supported, but ... > > assuming Bart is MIA for some reason, is it possible for the > > Security Team to either fix the update, or to make an announcement > > that all Debian users should stop using the Adobe player > > immediately ? > > I'm not part of the team, but I do know that contrib and non-free are > not supported by the Debian security team, so they are unlikely to > make any fixes nor announcements. > > https://www.debian.org/security/faq#contrib Thanks. Link read, point taken (although the link does imply the Security Team will sometimes make appropriate announcements about such unsupported packages). > I'd encourage everyone reading this list to use this opportunity > transition away from using the Adobe Flash player. Most of the web > should support standard HTML5 by now I'd love to. Actually I have removed Flash from almost all my systems now because, as you say, most sites have introduced HTML5 replacements [*]. I have just one use-case left: for some reason the BBC News website still requires Flash to show news video clips, although all other BBC properties seem to have an HTML5 alternative, even if still beta. I have a throwaway Debian VM for that purpose, and would like to use Flash in it for as long as the need remains. [*] of course, some observers are wondering what new security hell may be delivered along with HTML5 media players, but that's another conversation about which I have no personal opinion :-) Cheers, Nick -- The Unix man pages were written by Vogons. Drunk Vogons. Practicing poetry whilst smashing snails with hammers. ~~ Slashdot comment
Re: flashplugin-nonfree and latest Flash security updates
On Mon, Aug 01, 2016 at 08:25:01AM -0700, Darren S. wrote: > Greetings, > > There are aspects of the flashplugin-nonfree package I am hoping to > understand better in respect to installing the latest security updates > for the Adobe Flash plugin on a Debian host. > > Debian GNU/Linux 8.5 (jessie) > firefox-esr 45.2.0esr-1~deb8u1 amd64 > flashplugin-nonfree 1:3.6.1 amd64 > > 'update-flashplugin-nonfree --status` shows a newer release of the > plugin upstream. > > > options : --verbose --status -- > temporary directory: /tmp/flashplugin-nonfree.65hpQUuxtV > importing public key ... > selected action = --status > Flash Player version installed on this system : 11.2.202.626 > Flash Player version available on upstream site: 22.0.0.209 That is now 11.2.202.632. You may need to delete /var/cache/flashplugin-nonfree/get-upstream-version.pl and try again. I'm considering to do an upload of flashplugin-nonfree to delete that old get-upstream-version.pl from the cache. The cause was that Adobe now suddenly starts distributing 22.* as well, and that Adobe's website returns the 22.* or 11.* version as the newest available version depending on the user agent of the browser. The fix was to modify get-upstream-version.pl to use the user agent string of Firefox in stretch, so the 11.* version is returned. > flash-mozilla.so - auto mode > link currently points to /usr/lib/flashplugin-nonfree/libflashplayer.so > /usr/lib/flashplugin-nonfree/libflashplayer.so - priority 50 > Current 'best' version is '/usr/lib/flashplugin-nonfree/libflashplayer.so'. > end of action --status > cleaning up temporary directory /tmp/flashplugin-nonfree.65hpQUuxtV ... > end of update-flashplugin-nonfree > > > http://www.adobe.com/software/flash/about/ confirms that this > 11.2.202.626 version is installed and shows the latest supported > package for this system (Linux, Firefox - NPAPI (Extended Support > Release) 11.2.202.632 (slightly newer, 632 > 626). Flash objects in > Firefox are also replaced with the warning dialog noting that the > Flash plugin is outdated. Well, if Firefox rejects 11.2.202.632, which is the newest version for Firefox, then there is currently no Flash Player for Firefox. > > > 'update-flashplugin-nonfree --install' however does not result in the > most recent update being installed: > > > options : --verbose --install -- > temporary directory: /tmp/flashplugin-nonfree.1LM79N9U0I > importing public key ... > selected action = --install > installed version = 11.2.202.626 > upstream version = 22.0.0.209 > wgetoptions= -nd -P . -v --progress=dot:default > downloading > http://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp.22.0.0.209.sha512.amd64.pgp.asc It attempts to proceed for 22.0.0.209... See above about trying again. > ... > --2016-08-01 07:53:23-- > http://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp.22.0.0.209.sha512.amd64.pgp.asc > Resolving people.debian.org (people.debian.org)... 5.153.231.30, > 2001:41c8:1000:21::21:30 > Connecting to people.debian.org > (people.debian.org)|5.153.231.30|:80... connected. > HTTP request sent, awaiting response... 301 Moved Permanently > Location: > https://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp.22.0.0.209.sha512.amd64.pgp.asc > [following] > --2016-08-01 07:53:24-- > https://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp.22.0.0.209.sha512.amd64.pgp.asc > Connecting to people.debian.org > (people.debian.org)|5.153.231.30|:443... connected. > HTTP request sent, awaiting response... 404 Not Found > 2016-08-01 07:53:24 ERROR 404: Not Found. > > wget failed to download > http://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp.22.0.0.209.sha512.amd64.pgp.asc > downloading > http://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp10.sha512.amd64.pgp.asc > ... > --2016-08-01 07:53:24-- > http://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp10.sha512.amd64.pgp.asc Still falling back to the old fp10 files... > Resolving people.debian.org (people.debian.org)... 5.153.231.30, > 2001:41c8:1000:21::21:30 > Connecting to people.debian.org > (people.debian.org)|5.153.231.30|:80... connected. > HTTP request sent, awaiting response... 301 Moved Permanently > Location: > https://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp10.sha512.amd64.pgp.asc > [following] > --2016-08-01 07:53:25-- > https://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp10.sha512.amd64.pgp.asc > Connecting to people.debian.org > (people.debian.org)|5.153.231.30|:443... connected. > HTTP request sent, awaiting response... 200 OK > Length: 1250 (1.2K) [text/plain] > Saving to: ‘./fp10.sha512.amd64.pgp.asc’ > > 0K . 100% > 254K=0.005s > > 2016-08-01 07:53:25 (254 KB/s) - ‘./fp10.sha512.amd64.pgp.asc’ saved > [1250/1250] > > verifying PGP fp10.sha512.amd64.pgp.asc ... > copying > /var/cache/flashplugin-nonfree/install_flash_player_11_linux.x86_64
Re: flash plugin from ubuntu (was: flashplugin-nonfree and latest Flash security updates)
On Wed, Aug 03, 2016 at 10:46:33PM +0200, Stefan Fritsch wrote: > Maybe the flashplugin-nonfree package should even be replaced by a package > that > installs the ubuntu archive signing key, sets up the sources.list line, and > tweaks the unattended-updates config to allow automatic updates from that > repo. please, no. -- cheers, Holger signature.asc Description: Digital signature
flash plugin from ubuntu (was: flashplugin-nonfree and latest Flash security updates)
On Mittwoch, 3. August 2016 20:43:29 CEST Rob van der Putten wrote: > You can download the plugin manually. For i396 it's; > http://fpdownload.macromedia.com/get/flashplayer/pdc/11.2.202.429/install_fl > ash_player_11_linux.i386.tar.gz An alternative that has worked quite well for me on some of my systems is to use the apt repository from ubuntu. It seems to get timely updates, canonical seems to have permission to distribute it, and it works just fine with jessie/ stretch/sid: deb http://archive.canonical.com/ubuntu/ trusty partner You need to import the key into apt. It's 0x3B4FE6ACC0B21F32 and is also signed by Steve Langasek, whose key is in the debian-keyring package. Maybe the flashplugin-nonfree package should even be replaced by a package that installs the ubuntu archive signing key, sets up the sources.list line, and tweaks the unattended-updates config to allow automatic updates from that repo. As an added benefit, you get a package for skype, too (and more). Unfortunately, I don't have enough time to create such a package. Probably one should ask Ubuntu, too... Cheers, Stefan
Re: flashplugin-nonfree and latest Flash security updates
Nick Boyce schrieb: > I realise the nonfree plugin is not really supported, but given the > serious (!!!) security implications of running a known-vulnerable Flash > player for a significant time after a fixed version has been released, > and assuming Bart is MIA for some reason, is it possible for the > Security Team to either fix the update, or to make an announcement that > all Debian users should stop using the Adobe player immediately ? No, non-free/contrib is not supported by the security team. Just don't use that crap. With the amount of zero days in Flash you're subject to serious vulnerabilities even with an up-to-date plugin. Cheers, Moritz
Re: flashplugin-nonfree and latest Flash security updates
Hi there On 03/08/16 11:55, Paul Wise wrote: I'm not part of the team, Me neither. but I do know that contrib and non-free are not supported by the Debian security team, so they are unlikely to make any fixes nor announcements. https://www.debian.org/security/faq#contrib You can download the plugin manually. For i396 it's; http://fpdownload.macromedia.com/get/flashplayer/pdc/11.2.202.429/install_flash_player_11_linux.i386.tar.gz Replace '11.2.202.429' with the version you want. And maybe 'http' with 'https'. I'd encourage everyone reading this list to use this opportunity transition away from using the Adobe Flash player. Most of the web should support standard HTML5 by now, various folks have been pushing to get rid of Flash for a long time. I don't have Flash on my new Jessie box. I don't miss it. Regards, Rob
Re: flashplugin-nonfree and latest Flash security updates
On Wed, Aug 3, 2016 at 8:29 AM, Nick Boyce wrote: > I have emailed the maintainer (Bart Martens, at his debian.org address) > twice about this (30th.July and 1st.Aug), but there has been no reply as > yet. Do I need to post to the bug report Francesco mentioned: > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820583 > rather than emailing Bart directly ? Mailing the bug report will send a mail to Bart directly. > I realise the nonfree plugin is not really supported, but given the > serious (!!!) security implications of running a known-vulnerable Flash > player for a significant time after a fixed version has been released, > and assuming Bart is MIA for some reason, is it possible for the > Security Team to either fix the update, or to make an announcement that > all Debian users should stop using the Adobe player immediately ? I'm not part of the team, but I do know that contrib and non-free are not supported by the Debian security team, so they are unlikely to make any fixes nor announcements. https://www.debian.org/security/faq#contrib I'd encourage everyone reading this list to use this opportunity transition away from using the Adobe Flash player. Most of the web should support standard HTML5 by now, various folks have been pushing to get rid of Flash for a long time. -- bye, pabs https://wiki.debian.org/PaulWise
RE: flashplugin-nonfree and latest Flash security updates
On Mon, 1 Aug 2016 08:25:01 -0700 Darren S. wrote: > There are aspects of the flashplugin-nonfree package I am hoping to > understand better in respect to installing the latest security updates > for the Adobe Flash plugin on a Debian host. [snip] > It appears that the updated Flash plugin version fails to be > fetched/verified because of a 404 on the Debian server. This updated > version doesn't appear to be the one that would work with Firefox on > Linux anyway, as that would be 11.2.202.632. However when > update-flashplugin-nonfree fetches and installs an 11.x version, it > drops in the slightly older 11.2.202.626 version which is still > considered vulnerable in the browser. > > Is there a way for this to be corrected? +1 The update-flashplugin-nonfree facility has been broken for several days now. It reports the upstream plugin version is 22.0.0.209, but that is not true - the latest plugin version for Linux systems is 11.2.202.632, as shown at https://www.adobe.com/products/flashplayer/distribution3.html The 22.0.0.209 version is for Windows, Mac and potentially also for Google Chrome on Linux. IIRC, the Google Chrome version is the new style PPAPI plugin, whereas Firefox/Iceweasel needs the older NPAPI technology, so I have not actually run the update cos the last thing I would want is a plugin which won't work at all. I have emailed the maintainer (Bart Martens, at his debian.org address) twice about this (30th.July and 1st.Aug), but there has been no reply as yet. Do I need to post to the bug report Francesco mentioned: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820583 rather than emailing Bart directly ? I realise the nonfree plugin is not really supported, but given the serious (!!!) security implications of running a known-vulnerable Flash player for a significant time after a fixed version has been released, and assuming Bart is MIA for some reason, is it possible for the Security Team to either fix the update, or to make an announcement that all Debian users should stop using the Adobe player immediately ? Thanks, Nick -- "Always code as if the person who ends up maintaining your code is a violent psychopath who knows where you live." -- John Woods
Re: flashplugin-nonfree and latest Flash security updates
On Mon, Aug 1, 2016 at 5:25 PM, Darren S. wrote: > > 'update-flashplugin-nonfree --status` shows a newer release of the > plugin upstream. > > [...] > > 'update-flashplugin-nonfree --install' however does not result in the > most recent update being installed: Hi Darren, --status always shows the latest version available upstream --install, however, installs the latest version available at https://people.debian.org/~bartm/flashplugin-nonfree/, which at the moment is still updated manually This issue is tracked at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820583 Cheers, Francesco
flashplugin-nonfree and latest Flash security updates
Greetings, There are aspects of the flashplugin-nonfree package I am hoping to understand better in respect to installing the latest security updates for the Adobe Flash plugin on a Debian host. Debian GNU/Linux 8.5 (jessie) firefox-esr 45.2.0esr-1~deb8u1 amd64 flashplugin-nonfree 1:3.6.1 amd64 'update-flashplugin-nonfree --status` shows a newer release of the plugin upstream. options : --verbose --status -- temporary directory: /tmp/flashplugin-nonfree.65hpQUuxtV importing public key ... selected action = --status Flash Player version installed on this system : 11.2.202.626 Flash Player version available on upstream site: 22.0.0.209 flash-mozilla.so - auto mode link currently points to /usr/lib/flashplugin-nonfree/libflashplayer.so /usr/lib/flashplugin-nonfree/libflashplayer.so - priority 50 Current 'best' version is '/usr/lib/flashplugin-nonfree/libflashplayer.so'. end of action --status cleaning up temporary directory /tmp/flashplugin-nonfree.65hpQUuxtV ... end of update-flashplugin-nonfree http://www.adobe.com/software/flash/about/ confirms that this 11.2.202.626 version is installed and shows the latest supported package for this system (Linux, Firefox - NPAPI (Extended Support Release) 11.2.202.632 (slightly newer, 632 > 626). Flash objects in Firefox are also replaced with the warning dialog noting that the Flash plugin is outdated. 'update-flashplugin-nonfree --install' however does not result in the most recent update being installed: options : --verbose --install -- temporary directory: /tmp/flashplugin-nonfree.1LM79N9U0I importing public key ... selected action = --install installed version = 11.2.202.626 upstream version = 22.0.0.209 wgetoptions= -nd -P . -v --progress=dot:default downloading http://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp.22.0.0.209.sha512.amd64.pgp.asc ... --2016-08-01 07:53:23-- http://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp.22.0.0.209.sha512.amd64.pgp.asc Resolving people.debian.org (people.debian.org)... 5.153.231.30, 2001:41c8:1000:21::21:30 Connecting to people.debian.org (people.debian.org)|5.153.231.30|:80... connected. HTTP request sent, awaiting response... 301 Moved Permanently Location: https://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp.22.0.0.209.sha512.amd64.pgp.asc [following] --2016-08-01 07:53:24-- https://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp.22.0.0.209.sha512.amd64.pgp.asc Connecting to people.debian.org (people.debian.org)|5.153.231.30|:443... connected. HTTP request sent, awaiting response... 404 Not Found 2016-08-01 07:53:24 ERROR 404: Not Found. wget failed to download http://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp.22.0.0.209.sha512.amd64.pgp.asc downloading http://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp10.sha512.amd64.pgp.asc ... --2016-08-01 07:53:24-- http://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp10.sha512.amd64.pgp.asc Resolving people.debian.org (people.debian.org)... 5.153.231.30, 2001:41c8:1000:21::21:30 Connecting to people.debian.org (people.debian.org)|5.153.231.30|:80... connected. HTTP request sent, awaiting response... 301 Moved Permanently Location: https://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp10.sha512.amd64.pgp.asc [following] --2016-08-01 07:53:25-- https://people.debian.org/~bartm/flashplugin-nonfree/D5C0FC14/fp10.sha512.amd64.pgp.asc Connecting to people.debian.org (people.debian.org)|5.153.231.30|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 1250 (1.2K) [text/plain] Saving to: ‘./fp10.sha512.amd64.pgp.asc’ 0K . 100% 254K=0.005s 2016-08-01 07:53:25 (254 KB/s) - ‘./fp10.sha512.amd64.pgp.asc’ saved [1250/1250] verifying PGP fp10.sha512.amd64.pgp.asc ... copying /var/cache/flashplugin-nonfree/install_flash_player_11_linux.x86_64.tar.gz ... verifying checksum install_flash_player_11_linux.x86_64.tar.gz ... wgetoptions= -nd -P . -v --progress=dot:default -O /tmp/flashplugin-nonfree.1LM79N9U0I/install_flash_player_11_linux.x86_64.tar.gz downloading https://fpdownload.adobe.com/get/flashplayer/pdc/11.2.202.626/install_flash_player_11_linux.x86_64.tar.gz ... verifying checksum install_flash_player_11_linux.x86_64.tar.gz ... unpacking install_flash_player_11_linux.x86_64.tar.gz ... verifying checksum contents of install_flash_player_11_linux.x86_64.tar.gz ... moving libflashplayer.so to /usr/lib/flashplugin-nonfree ... setting permissions and ownership of /usr/lib/flashplugin-nonfree/libflashplayer.so ... Flash Player version: 11.2.202.626 moving install_flash_player_11_linux.x86_64.tar.gz to /var/cache/flashplugin-nonfree ... flash-mozilla.so - auto mode link currently points to /usr/lib/flashplugin-nonfree/libflashplayer.so /usr/lib/flashplugin-nonfree/libflashplayer.so - priority 50 Current 'best' version is '/usr/lib/flashplugin-nonfree/libflashplayer.so'. calling update-alternatives ... fl