Re: flashplugin-nonfree and latest Flash security updates

To: debian-security@lists.debian.org
Subject: Re: flashplugin-nonfree and latest Flash security updates
From: Moritz Mühlenhoff <jmm@inutil.org>
Date: Wed, 3 Aug 2016 20:47:45 +0200
Message-id: <[🔎] slrnnq4f2h.mhe.jmm@inutil.org>
References: <[🔎] CAKVSOJX0tJ3=1Uy6YyQbf+QR=8kav302iCRP2Kixz_HOue_2Aw@mail.gmail.com> <[🔎] FF8270991BB08B49BC6295AFD1E0E44AB8E0AA@EXMBX13.thus.corp>

Nick Boyce <nick@glimmer.demon.co.uk> schrieb:
> I realise the nonfree plugin is not really supported, but given the
> serious (!!!) security implications of running a known-vulnerable Flash
> player for a significant time after a fixed version has been released,
> and assuming Bart is MIA for some reason, is it possible for the
> Security Team to either fix the update, or to make an announcement that
> all Debian users should stop using the Adobe player immediately ?

No, non-free/contrib is not supported by the security team.

Just don't use that crap. With the amount of zero days in Flash
you're subject to serious vulnerabilities even with an up-to-date
plugin.

Cheers,
        Moritz

Reply to:

Follow-Ups:
- RE: flashplugin-nonfree and latest Flash security updates
  - From: Nick Boyce <nick@glimmer.demon.co.uk>

References:
- flashplugin-nonfree and latest Flash security updates
  - From: "Darren S." <phatbuckett@gmail.com>
- RE: flashplugin-nonfree and latest Flash security updates
  - From: Nick Boyce <nick@glimmer.demon.co.uk>

Prev by Date: Re: flashplugin-nonfree and latest Flash security updates
Next by Date: flash plugin from ubuntu (was: flashplugin-nonfree and latest Flash security updates)
Previous by thread: RE: flashplugin-nonfree and latest Flash security updates
Next by thread: RE: flashplugin-nonfree and latest Flash security updates
Index(es):
- Date
- Thread