I used a proof-of-concept SWF to verify that the CRLF injection vulnerability still exists in 7.0.68. There's no statement about it because they appear to only be fixing the "latest" release, which is the 9.x series. :(
** Changed in: flashplugin-nonfree (Ubuntu)
Status: Needs Info => Unconfirmed
--
CRLF injection vulnerability in Adobe Flash Player plugin
https://launchpad.net/bugs/68429
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
