On Fri, 7 Oct 2011, Vladimir Mosgalin wrote:
> On 2011.10.07 at 01:34:38 +0200, Dag Wieers wrote next:
>
>>> Evidently, a number of stock end-user applications, such as
>>> Firefox, Thunderbird, and the like, have security holes as well as
>>> bugs, and thus need regularly kept current.
>>
>> Do you have any proof of security problems ? Was there a security
>> advisory for this release ?
>
> It's not as simple as that.
> There was no supported version of 64-bit flash 10 plugin.
> Information about security problems in betas and RCs of flash plugins
> aren't displayed on that page that you saw - it does, however, appear in
> news from adobe and in adobe blogs; but they don't add them to list of
> problems in final releases.
I am nog arguing about that. But people using 64bit flash plugins did not
have any security for months either. I personally don't care about
security for people that don't care about security :)
But that said, now that an official 64bit release is out, we have it too.
> Btw, 64-bit flash 10 plugin was even in more sorry state: there were
> lot of known security problems for it, but adobe stopped developing it
> and latest known (beta) version was said to be very vulnerable.
Again, no arguing against that.
If you look at the mail(s) I was replying too, I was answering to the
general view that:
- Not having the latest flash-plugin is a security problem
- Red Hat is failing to provide a secure flash-plugin
Both statements are false, unless you apply them (only) to already
insecure situations (eg. 64bit beta). Which is more of a mental excercise
anyway.
--
-- dag wieers, [log in to unmask], http://dag.wieers.com/
-- dagit linux solutions, [log in to unmask], http://dagit.net/
[Any errors in spelling, tact or fact are transmission errors]
|