[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [opensuse-security] Older version of Adobe Flash Player was still installed after April upgrade :(

On Sun, Jun 01, 2008 at 05:29:41AM -0400, Gar Ulbricht wrote:
> Hi all,
> As you probably know, SANS last week reported a vulnerability in
> Adobe Flash Player versions and older.  Reference:
> <http://isc.sans.org/diary.html?storyid=4465>
> Two days later in a follow-up report,they amended their analysis
> to versions ___ earlier than ___  ""
> <http://isc.sans.org/diary.html?storyid=4474>
> ("" was released in April by Adobe.)
> In the follow-up story, they included a link to Adobe's site to
> test what version of Flash Player (if any) you have installed.
> <http://kb.adobe.com/selfservice/viewContent.do?externalId=tn_15507>
> (I use "no-script" -- and as a policy I try not to go to any
> flash sites -- but sometimes I need to :(
> I tested my machine using the Adobe test page,
> and first got "" -- which is what I expected.
> I then re-ran the test from a copy of their page
> which I had downloaded and got Version: "" !!!!!
> Which is not so good and not what i expected.
> It turns out last Fall when I installed openSUSE-10.3
> I installed from the openSUSE DVD, the rpm labled 
> "flash-plugin- -Adobe Flash Player 9.0."
> When the new patch came out for Adobe Flash in April,
> I installed the rpm labled: "flash-player- --
> Macromedia Flash Plug-In,"
> but that install did not remove the old rpm  --
> it was still there.

How did it not remove the old RPM for you? How did you notice
it was still installed?

Ciao, Marcus
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-security+help@xxxxxxxxxxxx