[Bug 403825] Re: CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player
Sorry, I don't understand You: 1. flashplugin-installer is NOT the same as flashplugin-nonfree 2. it did NOT take some time: the package was in real time downloaded and installed - just the links were NOT updated properly - this is the reason, why the old plugin was still active and this is the reason, why I'm really not sure, that this bug should not by closed, until this problem is clear ! BTW - I don't thing, that adobe-flashplugin is the better choice then flashplugin-installer: - adobe-flashplugin didn't update my links, so old version stayed active, but I just have remove this (and my manual links) and Ubuntu-update then has update flashplugin-installer - and in /usr/lib/flashplugin-installer is now the new working plugin. -- CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player https://bugs.launchpad.net/bugs/403825 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 403825] Re: CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player
flashplugin-nonfree has been renamed to flashplugin-installer in jaunty (flashplugin-nonfree is a transitional package which only forces the package manager to install flashplugin-installer). Your screenshot shows that have installed flashplugin-installer 10.0.22.87ubuntu2 which is *not* the most recent version (it's 10.0.32.18ubuntu0.9.04.1). Installing flashplugin-installer AND adobe-flashplugin is definitely a bad idea and probably caused this problem. -- CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player https://bugs.launchpad.net/bugs/403825 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 403825] Re: CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player
Installing flashplugin-installer AND adobe-flashplugin is definitely a bad idea and probably caused this problem. Can they be flagged as conflicting/mutually exclusive then? That's the Debian/Ubuntu way, surely, rather than advising people on a bug report that few people will read. -- CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player https://bugs.launchpad.net/bugs/403825 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 403825] Re: CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player
Maybe are #14 and #15 right, and the problem is in conflict. In this case, should be both of this packages: flashplugin-installer and adobe-flashplugin updated. I still don't known, why adobe-flashplugin by installation did not updated older links from older flashplugin-installer, ... ?!?! But this problem can occur by many users - and if they do not come across this discussion, they may stay in risk. Also this packages should be updated again, to automatic solve this dangerous possible conflict by others. -- CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player https://bugs.launchpad.net/bugs/403825 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 403825] Re: CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player
kapetr: you must have installed flash from the adobe site, and not from the Ubuntu repositories. An updated flash package for jaunty is now in the repositories. -- CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player https://bugs.launchpad.net/bugs/403825 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 403825] Re: CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player
Updated flashplugin-nonfree packages have been released for hardy, intrepid, jaunty and karmic. Marking this bug as closed. ** Changed in: flashplugin-nonfree (Ubuntu) Status: Confirmed = Fix Released -- CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player https://bugs.launchpad.net/bugs/403825 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 403825] Re: CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player
No ! As I have write - I have installed this package with Synaptic - from standard repository ! Not manually from Adobe package! BTW - even if this new package was in repository, no automatic update was presented by Ubuntu. Also - You schould not close this bug. ** Changed in: acroread (Ubuntu) Status: Fix Released = Confirmed -- CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player https://bugs.launchpad.net/bugs/403825 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 403825] Re: CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player
P.S.: See this my synaptic status: http://jpnk.wz.cz/Synaptic.png Maybe it helps. -- CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player https://bugs.launchpad.net/bugs/403825 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 403825] Re: CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player
You shouldn't install flashplugin-installer (formerly flashplugin-nonfree) and adobe-flashplugin at the same time because they both provide similar functionality. I recommend removing flashplugin-installer as adobe-flashplugin is the more reliable package. You still have the old version because it takes some time until the package has been built and all mirrors have synced from the main server. ** Changed in: acroread (Ubuntu) Status: Confirmed = Fix Released -- CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player https://bugs.launchpad.net/bugs/403825 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 403825] Re: CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player
acroread and adobe-flashplugin were updated in the partner archive for Hardy, Intrepid and Jaunty. flashplugin-nonfree still needs to be updated. ** Changed in: acroread (Ubuntu) Status: Confirmed = Fix Released -- CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player https://bugs.launchpad.net/bugs/403825 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 403825] Re: CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player
Huh? Why is there adobe-flashplugin and flashplugin-nonfree? When is this going to be updated? Can I tell the users at my office they'll get a security update in Ubuntu soon? Or do they have to download and install it themselves? -- CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player https://bugs.launchpad.net/bugs/403825 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 403825] Re: CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player
I'm working on them as we speak. They should come out soon. -- CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player https://bugs.launchpad.net/bugs/403825 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 403825] Re: CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player
I thing there is also another problem in Ubuntu 9.04. [sorry please my English!] I have installed adobe-flashplugin (Synaptic) - it is in new/safe version 10.0.32.18 -and I was think, it is all right. But ! - at http://www.adobe.com/software/flash/about/; is still reported, that I have 10,0,22,87 version ! (after firefox restart of course). Also users may thing, that after update they are safe, but they did not. The problem is, that: /usr/lib/firefox/plugins/flashplugin-alternative.so points to /etc/alternatives/firefox-flashplugin which points to /usr/lib/flashplugin-installer/libflashplayer.soAND THIS IS STILL THE OLD 10,0,22,87 So I did manualy: mv /usr/lib/flashplugin-installer/libflashplayer.so /usr/lib/flashplugin-installer/libflashplayer.so.old ln -s /usr/lib/adobe-flashplugin/ libflashplayer.so /usr/lib/flashplugin-installer/libflashplayer.so BTW - Manage Conten Pluginst allways reports: Adobe Flash Player (installer) I thing, that is bug in postinst ? procedure of adobe-flashplugin package ? Thanks for replay. -- CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player https://bugs.launchpad.net/bugs/403825 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 403825] Re: CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player
Is there any reason an updated package has not been made available yet? Adobe released an update to Flash last week, and they have rated the security issues as critical - their highest rating. -- CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player https://bugs.launchpad.net/bugs/403825 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 403825] Re: CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player
Is this bug really assigned to nobody ? I'm new around here but assigned to nobody leaves everyone wondering. I'd really like to see this package updated given it's a critical. -- CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player https://bugs.launchpad.net/bugs/403825 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 403825] Re: CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player
Adobe has released updates: http://www.adobe.com/support/security/bulletins/apsb09-10.html -- CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player https://bugs.launchpad.net/bugs/403825 You received this bug notification because you are a member of Ubuntu Bugs, which is a direct subscriber. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 403825] Re: CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player
** Visibility changed to: Public -- CVE-2009-1862: Security advisory for Adobe Reader, Acrobat and Flash Player https://bugs.launchpad.net/bugs/403825 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs