Adobe Flash vuln CVE-2014-9163
Posted: Fri Dec 12, 2014 2:46 pm
Everybody needs to update Adobe Flash immediately: security bulletin CVE-2014-9163 . This one's pretty nasty. Not a big deal for Windoze and Mac users to update, but Linux is a bit more involved, as usual.
http://web.nvd.nist.gov/view/vuln/detai ... -2014-9163
http://helpx.adobe.com/security/product ... 14-27.html
Now I'm on Debian as most of you know, and I typically use testing and sid repositories. I'd expect to find the latest release of flashplugin-nonfree but NO! You have to get it directly from Adobe until it makes it's way to our repos. Considering this vulnerability is being exploited in the wild for a few days already, I am seriously annoyed that no updates have been pushed to non-free repos and I have no choice but to update manually.
First, check your version here:
https://www.adobe.com/software/flash/about/
or here:
http://helpx.adobe.com/flash-player.html
If you do not have 11.2.202.425 ( I had 11.2.202.424 until a short while ago ) then you need to download it from here:
http://get.adobe.com/flashplayer/
You're fine on RPM or YUM based package managers. You're even o.k. on Ubuntu. On Debian and for everyone else, you have to download the tar.gz and figure it out yourself. The file is meant to be extracted from the root directory and the libflashplayer.so copied to one or more locations. Let me know if anybody needs help on this.
http://web.nvd.nist.gov/view/vuln/detai ... -2014-9163
http://helpx.adobe.com/security/product ... 14-27.html
Now I'm on Debian as most of you know, and I typically use testing and sid repositories. I'd expect to find the latest release of flashplugin-nonfree but NO! You have to get it directly from Adobe until it makes it's way to our repos. Considering this vulnerability is being exploited in the wild for a few days already, I am seriously annoyed that no updates have been pushed to non-free repos and I have no choice but to update manually.
First, check your version here:
https://www.adobe.com/software/flash/about/
or here:
http://helpx.adobe.com/flash-player.html
If you do not have 11.2.202.425 ( I had 11.2.202.424 until a short while ago ) then you need to download it from here:
http://get.adobe.com/flashplayer/
You're fine on RPM or YUM based package managers. You're even o.k. on Ubuntu. On Debian and for everyone else, you have to download the tar.gz and figure it out yourself. The file is meant to be extracted from the root directory and the libflashplayer.so copied to one or more locations. Let me know if anybody needs help on this.