RE: flashplugin-nonfree and latest Flash security updates
On Wed, 3 Aug 2016 20:47:45 +0200
Moritz Mühlenhoff <jmm@inutil.org> wrote:
> Nick Boyce <nick@glimmer.demon.co.uk> schrieb:
> > assuming Bart is MIA for some reason, is it possible
> > for the Security Team to either fix the update, or to make an
> > announcement that all Debian users should stop using the Adobe
> > player immediately ?
>
> No, non-free/contrib is not supported by the security team.
Okay - thanks Moritz.
> Just don't use that crap. With the amount of zero days in Flash
> you're subject to serious vulnerabilities even with an up-to-date
> plugin.
Well you're right of course, though as I said in reply to Paul Wise
there is still a use-case with no alternative at the BBC News website,
and if a throwaway VM is used then the risk is mostly mitigated. Also I
believe there are quite a few corporate intranet use-cases that *depend*
on Flash for corporate web-apps (at least according to traffic on the
Enterprise Firefox list).
Cheers,
Nick
--
In a world where Henry Kissinger wins the Nobel Peace Prize,
there is no need for satire.
- Tom Lehrer
Reply to: