Re: Flash plugin 0-day vulnerability in the wild

2015-01-27 Thread Ahmad Samir
On 26 January 2015 at 15:17, Martin Stransky wrote: > On 01/26/2015 02:03 PM, drago01 wrote: >> >> On Mon, Jan 26, 2015 at 2:01 PM, Ahmad Samir >> wrote: >>> >>> On 26 January 2015 at 14:55, Martin Stransky wrote: Where have you got that? Official Adobe site [1] says the late

Re: Flash plugin 0-day vulnerability in the wild

2015-01-26 Thread poma
On 26.01.2015 17:38, Ralf Corsepius wrote: > On 01/26/2015 05:20 PM, poma wrote: > >> What I asked you - "According to what I read in (German) media...", >> care to paste a link, or you'll repeat again and again what has already been >> said. > > http://www.heise.de/newsticker/meldung/Kritische-Lue

Re: Flash plugin 0-day vulnerability in the wild

2015-01-26 Thread Ralf Corsepius
On 01/26/2015 05:20 PM, poma wrote: What I asked you - "According to what I read in (German) media...", care to paste a link, or you'll repeat again and again what has already been said. http://www.heise.de/newsticker/meldung/Kritische-Luecke-im-Flash-Player-Adobe-beginnt-Update-Auslieferung-2527

Re: Flash plugin 0-day vulnerability in the wild

2015-01-26 Thread poma
On 26.01.2015 17:05, Ralf Corsepius wrote: > On 01/26/2015 04:34 PM, poma wrote: >> On 26.01.2015 15:13, Ralf Corsepius wrote: >>> On 01/26/2015 02:25 PM, poma wrote: On 01/26/2015 01:01 PM, drago01 wrote: >>> >> Care to paste a link? >> I can not find the changelog for flash-plugin, i

Re: Flash plugin 0-day vulnerability in the wild

2015-01-26 Thread Ralf Corsepius
On 01/26/2015 04:34 PM, poma wrote: On 26.01.2015 15:13, Ralf Corsepius wrote: On 01/26/2015 02:25 PM, poma wrote: On 01/26/2015 01:01 PM, drago01 wrote: Care to paste a link? I can not find the changelog for flash-plugin, if such a thing even exists!? https://helpx.adobe.com/security/prod

Re: Flash plugin 0-day vulnerability in the wild

2015-01-26 Thread poma
On 26.01.2015 15:13, Ralf Corsepius wrote: > On 01/26/2015 02:25 PM, poma wrote: >> On 01/26/2015 01:01 PM, drago01 wrote: > Care to paste a link? I can not find the changelog for flash-plugin, if such a thing even exists!? >>> >>> https://helpx.adobe.com/security/products/flash-pl

Re: Flash plugin 0-day vulnerability in the wild

2015-01-26 Thread Reindl Harald
On 26.01.2015 at 13:55, Martin Stransky wrote: On 01/26/2015 01:48 PM, drago01 wrote: The latest one is 11.2.202.440 ... which is supposed to have the fix. Where have you got that? Official Adobe site [1] says the latest is 11.2.202.438 and flash download page [2] gives me the same. I see t

Re: Flash plugin 0-day vulnerability in the wild

2015-01-26 Thread Ralf Corsepius
On 01/26/2015 02:25 PM, poma wrote: On 01/26/2015 01:01 PM, drago01 wrote: Care to paste a link? I can not find the changelog for flash-plugin, if such a thing even exists!? https://helpx.adobe.com/security/products/flash-player/apsa15-01.html Where do you see "11.2.202.440" there!? Go

Re: Flash plugin 0-day vulnerability in the wild

2015-01-26 Thread Ahmad Samir
On 26 January 2015 at 15:16, Martin Stransky wrote: > On 01/26/2015 02:12 PM, Ahmad Samir wrote: >> >> On 26 January 2015 at 15:03, drago01 wrote: >>> >>> On Mon, Jan 26, 2015 at 2:01 PM, Ahmad Samir >>> wrote: On 26 January 2015 at 14:55, Martin Stransky wrote: > > >

Re: Flash plugin 0-day vulnerability in the wild

2015-01-26 Thread poma
On 01/26/2015 01:01 PM, drago01 wrote: > On Mon, Jan 26, 2015 at 12:58 PM, poma wrote: >> On 26.01.2015 12:42, Ralf Corsepius wrote: >>> On 01/26/2015 12:29 PM, poma wrote: On 23.01.2015 10:51, Martin Stransky wrote: > Folk, > > There's a live 0-day flash vulnerability which is no

Re: Flash plugin 0-day vulnerability in the wild

2015-01-26 Thread Martin Stransky
On 01/26/2015 02:03 PM, drago01 wrote: On Mon, Jan 26, 2015 at 2:01 PM, Ahmad Samir wrote: On 26 January 2015 at 14:55, Martin Stransky wrote: Where have you got that? Official Adobe site [1] says the latest is 11.2.202.438 and flash download page [2] gives me the same. I see the Ubuntu upd

Re: Flash plugin 0-day vulnerability in the wild

2015-01-26 Thread Martin Stransky
On 01/26/2015 02:12 PM, Ahmad Samir wrote: On 26 January 2015 at 15:03, drago01 wrote: On Mon, Jan 26, 2015 at 2:01 PM, Ahmad Samir wrote: On 26 January 2015 at 14:55, Martin Stransky wrote: Where have you got that? Official Adobe site [1] says the latest is 11.2.202.438 and flash downloa

Re: Flash plugin 0-day vulnerability in the wild

2015-01-26 Thread Ahmad Samir
On 26 January 2015 at 15:03, drago01 wrote: > On Mon, Jan 26, 2015 at 2:01 PM, Ahmad Samir wrote: >> On 26 January 2015 at 14:55, Martin Stransky wrote: >>> >>> >>> Where have you got that? Official Adobe site [1] says the latest is >>> 11.2.202.438 and flash download page [2] gives me the same.

Re: Flash plugin 0-day vulnerability in the wild

2015-01-26 Thread drago01
On Mon, Jan 26, 2015 at 2:01 PM, Ahmad Samir wrote: > On 26 January 2015 at 14:55, Martin Stransky wrote: >> >> >> Where have you got that? Official Adobe site [1] says the latest is >> 11.2.202.438 and flash download page [2] gives me the same. I see the Ubuntu >> update with .440 package but wh

Re: Flash plugin 0-day vulnerability in the wild

2015-01-26 Thread Ahmad Samir
On 26 January 2015 at 14:55, Martin Stransky wrote: > > > Where have you got that? Official Adobe site [1] says the latest is > 11.2.202.438 and flash download page [2] gives me the same. I see the Ubuntu > update with .440 package but what's that? > > ma. > > [1] http://www.adobe.com/software/fla

Re: Flash plugin 0-day vulnerability in the wild

2015-01-26 Thread Alexander Ploumistos
Installed Packages Name: flash-plugin Arch: x86_64 Version : 11.2.202.440 Release : release Size: 19 M Repo: installed From repo : adobe-linux-x86_64 Summary : Adobe Flash Player 11.2 URL : http://www.adobe.com/downloads/ License : Commerci

Re: Flash plugin 0-day vulnerability in the wild

2015-01-26 Thread Martin Stransky
On 01/26/2015 01:48 PM, drago01 wrote: On Mon, Jan 26, 2015 at 1:40 PM, Martin Stransky wrote: On 01/23/2015 10:51 AM, Martin Stransky wrote: Folk, There's a live 0-day flash vulnerability which is not fixed yet [1][2]. If you use flash plugin I recommend you to enable the click-to-play mode

Re: Flash plugin 0-day vulnerability in the wild

2015-01-26 Thread drago01
On Mon, Jan 26, 2015 at 1:40 PM, Martin Stransky wrote: > On 01/23/2015 10:51 AM, Martin Stransky wrote: >> >> Folk, >> >> There's a live 0-day flash vulnerability which is not fixed yet [1][2]. >> If you use flash plugin I recommend you to enable the click-to-play mode >> for it. >> >> There's al

Re: Flash plugin 0-day vulnerability in the wild

2015-01-26 Thread Martin Stransky
On 01/23/2015 10:51 AM, Martin Stransky wrote: Folk, There's a live 0-day flash vulnerability which is not fixed yet [1][2]. If you use flash plugin I recommend you to enable the click-to-play mode for it. There's also a Fedora Firefox update with such change [3]. ma. [1] https://isc.sans.edu

Re: Flash plugin 0-day vulnerability in the wild

2015-01-26 Thread drago01
On Mon, Jan 26, 2015 at 12:58 PM, poma wrote: > On 26.01.2015 12:42, Ralf Corsepius wrote: >> On 01/26/2015 12:29 PM, poma wrote: >>> On 23.01.2015 10:51, Martin Stransky wrote: Folk, There's a live 0-day flash vulnerability which is not fixed yet [1][2]. If you use flash plugi

Re: Flash plugin 0-day vulnerability in the wild

2015-01-26 Thread poma
On 26.01.2015 12:42, Ralf Corsepius wrote: > On 01/26/2015 12:29 PM, poma wrote: >> On 23.01.2015 10:51, Martin Stransky wrote: >>> Folk, >>> >>> There's a live 0-day flash vulnerability which is not fixed yet [1][2]. >>> If you use flash plugin I recommend you to enable the click-to-play mode >>>

Re: Flash plugin 0-day vulnerability in the wild

2015-01-26 Thread Ralf Corsepius
On 01/26/2015 12:29 PM, poma wrote: On 23.01.2015 10:51, Martin Stransky wrote: Folk, There's a live 0-day flash vulnerability which is not fixed yet [1][2]. If you use flash plugin I recommend you to enable the click-to-play mode for it. Are we covered with $ rpm -q --changelog flash-plugin

Re: Flash plugin 0-day vulnerability in the wild

2015-01-26 Thread poma
On 23.01.2015 10:51, Martin Stransky wrote: > Folk, > > There's a live 0-day flash vulnerability which is not fixed yet [1][2]. > If you use flash plugin I recommend you to enable the click-to-play mode > for it. > > There's also a Fedora Firefox update with such change [3]. > > ma. > > [1]

Re: Flash plugin 0-day vulnerability in the wild

2015-01-24 Thread Sudhir Khanger
On Friday, January 23, 2015 08:44:03 AM Andrew Lutomirski wrote: > $ sandbox -X xterm > [nothing happens] It made me install selinux-policy-sandbox and seunshare. I am able to run Firefox under sandbox without any problem. I am running Fedora 21 KDE. -- Regards, Sudhir Khanger, sudhirkhanger.co

Re: Flash plugin 0-day vulnerability in the wild

2015-01-23 Thread poma
On 23.01.2015 15:12, Kevin Fenzi wrote: > On Fri, 23 Jan 2015 12:44:23 +0100 > poma wrote: > >> On 23.01.2015 10:51, Martin Stransky wrote: >>> Folk, >>> >>> There's a live 0-day flash vulnerability which is not fixed yet >>> [1][2]. If you use flash plugin I recommend you to enable the >>> click

Re: Flash plugin 0-day vulnerability in the wild

2015-01-23 Thread Andrew Lutomirski
On Fri, Jan 23, 2015 at 8:18 AM, Matthias Runge wrote: > On 23/01/15 16:59, Andrew Lutomirski wrote: > >>> >>> sandbox -X will also add more protection. >> >> Unless I'm mistaken, sandbox -X hasn't worked in almost a year. >> > I gave it a try; > > sandbox -X > /usr/bin/sandbox: > /usr/sbin/seunsh

Re: Flash plugin 0-day vulnerability in the wild

2015-01-23 Thread Jeffrey Bastian
On Fri, Jan 23, 2015 at 04:59:31PM +0100, drago01 wrote: > On Fri, Jan 23, 2015 at 4:29 PM, Daniel J Walsh wrote: > > libflashplayer.so runs within the Mozilla-plugin I believe. If so it > > would be confined > > if you have not turned on the unconfined_mozilla_plugin_transition boolean. > > > >

Re: Flash plugin 0-day vulnerability in the wild

2015-01-23 Thread Chris Adams
Once upon a time, Matthias Runge said: > /usr/sbin/seunshare is required for the action you want to perform. > > Sadly, a naive (and not so naive) dnf reporequery, repoquery and yum > search did not show the right dep. Don't know about dnf, but a simple "yum install /usr/sbin/seunshare" will do

Re: Flash plugin 0-day vulnerability in the wild

2015-01-23 Thread Matthias Runge
On 23/01/15 16:59, Andrew Lutomirski wrote: >> >> sandbox -X will also add more protection. > > Unless I'm mistaken, sandbox -X hasn't worked in almost a year. > I gave it a try; sandbox -X /usr/bin/sandbox: /usr/sbin/seunshare is required for the action you want to perform. Sadly, a naive (a

Re: Flash plugin 0-day vulnerability in the wild

2015-01-23 Thread Robert Nichols
On 01/23/2015 09:29 AM, Daniel J Walsh wrote: On 01/23/2015 10:25 AM, poma wrote: Until this is resolved, is this a valid way: $ sandbox -X -T tmp -t sandbox_web_t firefox to cover this security issue, or can we isolate only libflashplayer.so, not the entire browser. Daniel, can you comment.

Re: Flash plugin 0-day vulnerability in the wild

2015-01-23 Thread Antonio Trande
On 01/23/2015 04:29 PM, Daniel J Walsh wrote: > > On 01/23/2015 10:25 AM, poma wrote: >> On 23.01.2015 15:12, Kevin Fenzi wrote: >>> On Fri, 23 Jan 2015 12:44:23 +0100 poma >>> wrote: >>> On 23.01.2015 10:51, Martin Stransky wrote: > Folk,

Re: Flash plugin 0-day vulnerability in the wild

2015-01-23 Thread Andrew Lutomirski
On Jan 23, 2015 7:47 AM, "Daniel J Walsh" wrote: > > > On 01/23/2015 10:25 AM, poma wrote: > > On 23.01.2015 15:12, Kevin Fenzi wrote: > >> On Fri, 23 Jan 2015 12:44:23 +0100 > >> poma wrote: > >> > >>> On 23.01.2015 10:51, Martin Stransky wrote: > Folk, > > There's a live 0-day fl

Re: Flash plugin 0-day vulnerability in the wild

2015-01-23 Thread drago01
On Fri, Jan 23, 2015 at 4:29 PM, Daniel J Walsh wrote: > > On 01/23/2015 10:25 AM, poma wrote: >> On 23.01.2015 15:12, Kevin Fenzi wrote: >>> On Fri, 23 Jan 2015 12:44:23 +0100 >>> poma wrote: >>> On 23.01.2015 10:51, Martin Stransky wrote: > Folk, > > There's a live 0-day flash

Re: Flash plugin 0-day vulnerability in the wild

2015-01-23 Thread Reindl Harald
On 23.01.2015 at 12:44, poma wrote: On 23.01.2015 10:51, Martin Stransky wrote: There's a live 0-day flash vulnerability which is not fixed yet [1][2]. If you use flash plugin I recommend you to enable the click-to-play mode for it. Are we covered with $ rpm -q flash-plugin flash-plugin-11.2

Re: Flash plugin 0-day vulnerability in the wild

2015-01-23 Thread Daniel J Walsh
On 01/23/2015 10:25 AM, poma wrote: > On 23.01.2015 15:12, Kevin Fenzi wrote: >> On Fri, 23 Jan 2015 12:44:23 +0100 >> poma wrote: >> >>> On 23.01.2015 10:51, Martin Stransky wrote: Folk, There's a live 0-day flash vulnerability which is not fixed yet [1][2]. If you use flash

Re: Flash plugin 0-day vulnerability in the wild

2015-01-23 Thread Kevin Fenzi
On Fri, 23 Jan 2015 12:44:23 +0100 poma wrote: > On 23.01.2015 10:51, Martin Stransky wrote: > > Folk, > > > > There's a live 0-day flash vulnerability which is not fixed yet > > [1][2]. If you use flash plugin I recommend you to enable the > > click-to-play mode for it. > > Are we covered with

Re: Flash plugin 0-day vulnerability in the wild

2015-01-23 Thread poma
On 23.01.2015 10:51, Martin Stransky wrote: > Folk, > > There's a live 0-day flash vulnerability which is not fixed yet [1][2]. > If you use flash plugin I recommend you to enable the click-to-play mode > for it. Are we covered with $ rpm -q flash-plugin flash-plugin-11.2.202.438-release.x86_64