Hi, it's also important to note that this is a cross plattform remote exploit, which affects a very great percentage of the web population and therefore is very likely to be activly exploited. http://www.adobe.com/support/security/bulletins/apsb07-12.html was issued more than a month ago. And the binary in question, which sources we cannot diff and compare to what we shippied in etch, is run by every adobe flash 9 user on linux - for me this is sufficient testing in this case. (Though of course I'd prefer a proper testsuite ;-) Looking at the SRM user-tagged bugs I cannot see this issue - should I file a bug? (Or tag an existent.) regards, Holger
Attachment:
pgpy3QjteYhuo.pgp
Description: PGP signature