Keeping promises: patched flash-plugin for Linux

Adobe has release patched versions of its Flash software for Windows, Mac and Linux in response to a security hole found in the product. If you’re a Linux user who has Flash installed, check out below for how to get it.

An Adobe Security Bulletin released just yesterday announces the availability of patched versions of its Flash software for Windows, Mac and Linux. This is in keeping with the company’s promise to continue issuing security updates even though further development of the plugin on Linux has ceased.

Users of Adobe Flash Player 11.2.202.341 and earlier versions for Linux should update to Adobe Flash Player 11.2.202.346

The patches address 2 separate CVEs:

These updates resolve a vulnerability that could be used to bypass the same origin policy (CVE-2014-0503).

These updates resolve a vulnerability that could be used to read the contents of the clipboard (CVE-2014-0504).

Linux users can obtain the updates by going to http://get.adobe.com/flashplayer, and downloading the appropriate package for their distribution.

I had previous installed Adobe’s adobe-linux-x86_64.repo under /etc/yum.repos.d on all my machines. As a result I only need to do a “yum update” to have the update installed.

Here’s the text of the yum repo configuration:

name=Adobe Systems Incorporated
baseurl=http://linuxdownload.adobe.com/linux/x86_64/
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-adobe-linux

It is highly recommended that the package be used for installing it for a first time install of the repo, as it will automatically import Adobe’s GPG key.

If you happen to have any Windows machines around this might be a good time to review whether or not automatic updates should be turned on.

They should.

This entry was posted in Security, System Administration on by .

About phil

My name is Phil Lembo. In my day job I’m an enterprise IT architect for a leading distribution and services company. The rest of my time I try to maintain a semi-normal family life in the suburbs of Raleigh, NC. E-mail me at philipATlembobrothersDOTcom. The opinions expressed here are entirely my own and not those of my employers, past, present or future (except where I quote others, who will need to accept responsibility for their own rants).