Re: flashplugin-nonfree and latest Flash security updates
On Wed, Aug 3, 2016 at 8:29 AM, Nick Boyce wrote:
> I have emailed the maintainer (Bart Martens, at his debian.org address)
> twice about this (30th.July and 1st.Aug), but there has been no reply as
> yet. Do I need to post to the bug report Francesco mentioned:
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820583
> rather than emailing Bart directly ?
Mailing the bug report will send a mail to Bart directly.
> I realise the nonfree plugin is not really supported, but given the
> serious (!!!) security implications of running a known-vulnerable Flash
> player for a significant time after a fixed version has been released,
> and assuming Bart is MIA for some reason, is it possible for the
> Security Team to either fix the update, or to make an announcement that
> all Debian users should stop using the Adobe player immediately ?
I'm not part of the team, but I do know that contrib and non-free are
not supported by the Debian security team, so they are unlikely to
make any fixes nor announcements.
https://www.debian.org/security/faq#contrib
I'd encourage everyone reading this list to use this opportunity
transition away from using the Adobe Flash player. Most of the web
should support standard HTML5 by now, various folks have been pushing
to get rid of Flash for a long time.
--
bye,
pabs
https://wiki.debian.org/PaulWise
Reply to: